Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 12 results


CVE-2023-28099

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, if `ds_is_in_list()` is used with an invalid IP address string (`NULL` is illegal input), OpenSIPS will attempt to print a...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-28098

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, a specially crafted Authorization header causes OpenSIPS to crash or behave in an unexpected way due to a bug in...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-28097

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-28096

Medium priority
Needs evaluation

OpenSIPS, a Session Initiation Protocol (SIP) server implementation, has a memory leak starting in the 2.3 branch and priot to versions 3.1.8 and 3.2.5. The memory leak was detected in the function `parse_mi_request` while...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-28095

Low priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Versions prior to 3.1.7 and 3.2.4 have a potential issue in `msg_translator.c:2628` which might lead to a server crash. This issue was found while fuzzing the...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-27601

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-27600

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-27599

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, when the function `append_hf` handles a SIP message with a malformed To header, a call to the function `abort()`...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-27598

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed `Via` header to OpenSIPS triggers a segmentation fault when the function `calc_tag_suffix` is called. A...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages

CVE-2023-27597

Medium priority
Needs evaluation

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation...

1 affected packages

opensips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
opensips Not in release Not in release Needs evaluation Ignored
Show less packages