Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 32 results


CVE-2023-27585

Medium priority

Some fixes available 4 of 7

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-23547

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-23537

Medium priority

Some fixes available 2 of 9

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted...

4 affected packages

asterisk, pjproject, ring, sip

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Vulnerable Not affected Not affected Needs evaluation
pjproject Not in release Not in release Vulnerable Needs evaluation
ring Not in release Not in release Fixed Fixed Ignored
sip Not in release Not in release Not in release Ignored
Show less packages

CVE-2022-39269

Medium priority
Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media...

3 affected packages

asterisk, pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Not in release Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2022-39244

Medium priority

Some fixes available 2 of 12

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users...

3 affected packages

asterisk, pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pjproject Not in release Not in release Needs evaluation Needs evaluation
ring Not in release Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-31031

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer...

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Not in release Not in release Not in release Vulnerable Vulnerable
ring Not in release Fixed Fixed Ignored
Show less packages

CVE-2022-24792

Medium priority
Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The...

3 affected packages

asterisk, pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asterisk Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pjproject Needs evaluation Needs evaluation
ring Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2022-24793

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who...

3 affected packages

pjproject, ring, sflphone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
sflphone Ignored
Show less packages

CVE-2022-24786

Medium priority
Needs evaluation

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses...

3 affected packages

pjproject, ring, sflphone

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Needs evaluation Needs evaluation
ring Not in release Needs evaluation Needs evaluation Ignored
sflphone Ignored
Show less packages

CVE-2022-24763

Medium priority

Some fixes available 2 of 5

PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps....

2 affected packages

pjproject, ring

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pjproject Needs evaluation Needs evaluation
ring Not in release Fixed Fixed Ignored
Show less packages