Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202407-10
HistoryJul 05, 2024 - 12:00 a.m.

Sofia-SIP: Multiple Vulnerabilities

2024-07-0500:00:00
Gentoo Foundation
security.gentoo.org
1
sofia-sip
vulnerabilities
rfc3261
sip
library
cve
gentoo
discontinued support

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

JSON

Background

Sofia-SIP is an RFC3261 compliant SIP User-Agent library.

Description

Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details.

Impact

Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time.

Resolution

Gentoo has discontinued support for the Sofia-SIP package. We recommend that users unmerge it:

 # emerge --ask --depclean "net-libs/sofia-sip"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-libs/sofia-sip< 1.13.16UNKNOWN

Related

nessus 8
fedora 1
debian 4
osv 8
openvas 9
cvelist 2
ubuntu 2
debiancve 2
mageia 2
alpinelinux 2
cve 2
ubuntucve 2
prion 2
nvd 2
veracode 1
nessus
nessus
GLSA-202407-10 : Sofia-SIP: Multiple Vulnerabilities
2024-07-05 00:00:00
Debian DSA-5431-1 : sofia-sip - security update
2023-06-17 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Sofia-SIP vulnerability (USN-6448-1)
2023-10-24 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: sofia-sip-1.13.12-2.fc38
2024-02-27 01:45:19
debian
debian
[SECURITY] [DLA 3441-1] sofia-sip security update
2023-06-02 16:10:34
[SECURITY] [DSA 5431-1] sofia-sip security update
2023-06-16 14:44:18
[SECURITY] [DLA 3292-1] sofia-sip security update
2023-01-29 21:05:24
osv
osv
sofia-sip - security update
2023-06-02 00:00:00
sofia-sip - security update
2023-06-16 00:00:00
CVE-2023-32307
2023-05-26 23:15:10
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0209)
2023-06-29 00:00:00
Ubuntu: Security Advisory (USN-6448-1)
2023-10-25 00:00:00
Debian: Security Advisory (DLA-3441-1)
2023-06-05 00:00:00
cvelist
cvelist
CVE-2023-32307 heap-over-flow and integer-overflow in sofia-sip
2023-05-26 22:11:16
CVE-2023-22741 heap-over-flow in stun_parse_attribute in sofia-sip
2023-01-19 21:20:22
ubuntu
ubuntu
Sofia-SIP vulnerability
2023-10-24 00:00:00
Sofia-SIP vulnerabilities
2023-03-07 00:00:00
debiancve
debiancve
CVE-2023-32307
2023-05-26 23:15:10
CVE-2023-22741
2023-01-19 22:15:11
mageia
mageia
Updated sofia-sip packages fix security vulnerability
2023-06-28 08:21:41
Updated sofia-sip packages fix security vulnerability
2023-02-07 03:06:39
alpinelinux
alpinelinux
CVE-2023-32307
2023-05-26 23:15:00
CVE-2023-22741
2023-01-19 22:15:11
cve
cve
CVE-2023-32307
2023-05-26 23:15:10
CVE-2023-22741
2023-01-19 22:15:11
ubuntucve
ubuntucve
CVE-2023-32307
2023-05-26 00:00:00
CVE-2023-22741
2023-01-19 00:00:00
prion
prion
Integer overflow
2023-05-26 23:15:00
Heap overflow
2023-01-19 22:15:00
nvd
nvd
CVE-2023-32307
2023-05-26 23:15:10
CVE-2023-22741
2023-01-19 22:15:11
veracode
veracode
Out Of Bounds Write
2023-03-20 19:51:51

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

JSON
Related for GLSA-202407-10
nessus8fedora1debian4osv8openvas9cvelist2ubuntu2debiancve2mageia2alpinelinux2cve2ubuntucve2prion2nvd2veracode1