Search CVE reports
41 – 50 of 1332 results
CVE-2021-43301
Medium prioritySome fixes available 2 of 14
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43300
Medium prioritySome fixes available 2 of 14
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43299
Medium prioritySome fixes available 2 of 14
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-21723
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message...
2 affected packages
pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-21722
Medium prioritySome fixes available 1 of 4
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it...
2 affected packages
pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Not affected | Ignored |
CVE-2021-22060
Low priorityIn Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up...
1 affected packages
libspring-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libspring-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-41141
Low priorityPJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it...
1 affected packages
ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ring | Not in release | Not in release | Needs evaluation | Needs evaluation | Ignored |
CVE-2021-43845
Medium prioritySome fixes available 2 of 14
PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an...
3 affected packages
asterisk, pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43804
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE...
2 affected packages
pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-37706
Medium prioritySome fixes available 4 of 7
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an...
2 affected packages
pjproject, ring
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pjproject | — | — | — | Needs evaluation | Needs evaluation |
| ring | Not in release | — | Fixed | Fixed | Ignored |