CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-21723 – Out-of-bounds read in multipart parsing in PJSIP
https://notcve.org/view.php?id=CVE-2022-21723
27 Jan 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds. • http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-41141 – Missing release of locks in PJSIP
https://notcve.org/view.php?id=CVE-2021-41141
04 Jan 2022 — PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently held locks. This could result in a system deadlock, which cause a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to an including 2.11.1 are affect... • https://github.com/pjsip/pjproject/commit/1aa2c0e0fb60a1b0bf793e0d834073ffe50fb196 • CWE-667: Improper Locking •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-43845 – Prevent out-of-bounds read in PJSIP
https://notcve.org/view.php?id=CVE-2021-43845
27 Dec 2021 — PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users that use PJMEDIA and RTCP XR. A malicious actor can send a RTCP XR message with an invalid packet size. PJSIP es una biblioteca de comunicación multimedia gratuita y de código abierto. • https://github.com/pjsip/pjproject/commit/f74c1fc22b760d2a24369aa72c74c4a9ab985859 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-43804 – Out-of-bounds read when parsing RTCP BYE message in PJSIP
https://notcve.org/view.php?id=CVE-2021-43804
22 Dec 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the actual received packet size, potentially resulting in an out-of-bound read access. This issue affects all users that use PJMEDIA and RTCP. A malicious actor can send a RTCP BYE message with an invalid reason lengt... • https://github.com/pjsip/pjproject/commit/8b621f192cae14456ee0b0ade52ce6c6f258af1e • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-37706 – Potential integer underflow upon receiving STUN message in PJSIP
https://notcve.org/view.php?id=CVE-2021-37706
22 Dec 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a speciall... • http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2021-32686 – Denial of Service in PJSIP
https://notcve.org/view.php?id=CVE-2021-32686
22 Jul 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connection... • https://github.com/pjsip/pjproject/commit/d5f95aa066f878b0aef6a64e60b61e8626e664cd • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21375 – Crash in receiving updated SDP answer after initial SDP negotiation failed
https://notcve.org/view.php?id=CVE-2021-21375
10 Mar 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received, with the first one causing negotiation failure, a crash will occur. This results in a denial of service. PJSIP es una biblioteca de comunicación multimedia de código abierto y gratuita escrita en lenguaje C que implementa protocolos... • https://github.com/pjsip/pjproject/commit/97b3d7addbaa720b7ddb0af9bf6f3e443e664365 • CWE-400: Uncontrolled Resource Consumption CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15260 – Existing TLS connections can be reused without checking remote hostname
https://notcve.org/view.php?id=CVE-2020-15260
10 Mar 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is insufficient for secure transport since it lacks remote hostname authentication. Suppose we have created a TLS connection to `sip.foo.com`, which has an IP address `100.1.1.1`. If we want to create a TLS connection ... • https://github.com/pjsip/pjproject/commit/67e46c1ac45ad784db5b9080f5ed8b133c122872 • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000098 – Debian Security Advisory 4170-1
https://notcve.org/view.php?id=CVE-2018-1000098
13 Mar 2018 — Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. Teluu PJSIP, en versiones 2.7.1 y anteriores, contiene una vulnerabilidad de desbordamiento de enteros en el análisis SDP de pjmedia que puede resultar en un cierre inesperado. Este ataque parece ser explotable mediante el envío de un mensaje especi... • https://trac.pjsip.org/repos/milestone/release-2.7.2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-1000099 – Debian Security Advisory 4170-1
https://notcve.org/view.php?id=CVE-2018-1000099
13 Mar 2018 — Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. Teluu PJSIP, en versiones 2.7.1 y anteriores, contiene una vulnerabilidad de puntero null/no inicializado en el análisis SDP de pjmedia que puede resultar en un cierre inesperado. Este ataque parece ser explotable mediante el env... • https://trac.pjsip.org/repos/milestone/release-2.7.2 • CWE-824: Access of Uninitialized Pointer •