CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2021-32686 – Denial of Service in PJSIP
https://notcve.org/view.php?id=CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connections. • https://github.com/pjsip/pjproject/commit/d5f95aa066f878b0aef6a64e60b61e8626e664cd https://github.com/pjsip/pjproject/pull/2716 https://github.com/pjsip/pjproject/releases/tag/2.11.1 https://github.com/pjsip/pjproject/security/advisories/GHSA-cv8x-p47p-99wr https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html https://security.gentoo.org/glsa/202210-37 https://www.debian.org/security/2021/dsa-4999 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21375 – Crash in receiving updated SDP answer after initial SDP negotiation failed
https://notcve.org/view.php?id=CVE-2021-21375
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received, with the first one causing negotiation failure, a crash will occur. This results in a denial of service. PJSIP es una biblioteca de comunicación multimedia de código abierto y gratuita escrita en lenguaje C que implementa protocolos basados ??en estándares como SIP, SDP, RTP, STUN, TURN e ICE. • https://github.com/pjsip/pjproject/commit/97b3d7addbaa720b7ddb0af9bf6f3e443e664365 https://github.com/pjsip/pjproject/security/advisories/GHSA-hvq6-f89p-frvp https://lists.debian.org/debian-lts-announce/2021/04/msg00023.html https://lists.debian.org/debian-lts-announce/2021/05/msg00020.html https://security.gentoo.org/glsa/202107-42 • CWE-400: Uncontrolled Resource Consumption CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15260 – Existing TLS connections can be reused without checking remote hostname
https://notcve.org/view.php?id=CVE-2020-15260
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is insufficient for secure transport since it lacks remote hostname authentication. Suppose we have created a TLS connection to `sip.foo.com`, which has an IP address `100.1.1.1`. If we want to create a TLS connection to another hostname, say `sip.bar.com`, which has the same IP address, then it will reuse that existing connection, even though `100.1.1.1` does not have certificate to authenticate as `sip.bar.com`. • https://github.com/pjsip/pjproject/commit/67e46c1ac45ad784db5b9080f5ed8b133c122872 https://github.com/pjsip/pjproject/pull/2663 https://github.com/pjsip/pjproject/security/advisories/GHSA-8hcp-hm38-mfph https://security.gentoo.org/glsa/202107-42 • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1000098
https://notcve.org/view.php?id=CVE-2018-1000098
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. Teluu PJSIP, en versiones 2.7.1 y anteriores, contiene una vulnerabilidad de desbordamiento de enteros en el análisis SDP de pjmedia que puede resultar en un cierre inesperado. Este ataque parece ser explotable mediante el envío de un mensaje especialmente manipulado. • https://trac.pjsip.org/repos/milestone/release-2.7.2 https://trac.pjsip.org/repos/ticket/2093 https://www.debian.org/security/2018/dsa-4170 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 34%CPEs: 2EXPL: 0CVE-2018-1000099
https://notcve.org/view.php?id=CVE-2018-1000099
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. Teluu PJSIP, en versiones 2.7.1 y anteriores, contiene una vulnerabilidad de puntero null/no inicializado en el análisis SDP de pjmedia que puede resultar en un cierre inesperado. Este ataque parece ser explotable mediante el envío de un mensaje especialmente manipulado. • https://trac.pjsip.org/repos/milestone/release-2.7.2 https://trac.pjsip.org/repos/ticket/2092 https://trac.pjsip.org/repos/ticket/2094 https://www.debian.org/security/2018/dsa-4170 • CWE-824: Access of Uninitialized Pointer •