Search CVE reports
41 – 50 of 1338 results
CVE-2022-24763
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps....
2 affected packages
pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-24764
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API...
2 affected packages
pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-24754
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed...
2 affected packages
pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-23608
Low prioritySome fixes available 2 of 15
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set...
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43303
Medium prioritySome fixes available 2 of 15
Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer,...
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43302
Medium prioritySome fixes available 2 of 15
Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43301
Medium prioritySome fixes available 2 of 15
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43300
Medium prioritySome fixes available 2 of 15
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2021-43299
Medium prioritySome fixes available 2 of 15
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.
3 affected packages
asterisk, pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
asterisk | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |
CVE-2022-21723
Medium prioritySome fixes available 2 of 5
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message...
2 affected packages
pjproject, ring
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pjproject | — | — | — | Needs evaluation | Needs evaluation |
ring | Not in release | — | Fixed | Fixed | Ignored |