Teluu

Pjsip

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2021-43302

  • EPSS 0.16%
  • Published 16.02.2022 21:15:07
  • Last modified 21.11.2024 06:29:02

Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.

9.8

CVE-2021-43301

  • EPSS 0.33%
  • Published 16.02.2022 21:15:07
  • Last modified 21.11.2024 06:29:02

Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

9.8

CVE-2021-43300

  • EPSS 0.33%
  • Published 16.02.2022 21:15:07
  • Last modified 21.11.2024 06:29:02

Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

9.1

CVE-2022-21723

  • EPSS 0.27%
  • Published 27.01.2022 00:15:07
  • Last modified 21.11.2024 06:45:18

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a mal...

9.1

CVE-2022-21722

  • EPSS 0.2%
  • Published 27.01.2022 00:15:07
  • Last modified 21.11.2024 06:45:18

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that ce...

7.8

CVE-2021-41141

  • EPSS 0.31%
  • Published 04.01.2022 19:15:14
  • Last modified 21.11.2024 06:25:34

PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the fu...

9.1

CVE-2021-43845

Exploit
  • EPSS 0.12%
  • Published 27.12.2021 18:15:07
  • Last modified 21.11.2024 06:29:55

PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read ac...

7.5

CVE-2021-43804

  • EPSS 0.26%
  • Published 22.12.2021 18:15:07
  • Last modified 21.11.2024 06:29:49

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length,...

9.8

CVE-2021-37706

  • EPSS 0.1%
  • Published 22.12.2021 18:15:07
  • Last modified 21.11.2024 06:15:45

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribut...

5.9

CVE-2021-32686

  • EPSS 0.33%
  • Published 23.07.2021 22:15:08
  • Last modified 21.11.2024 06:07:31

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL soc...