Lucene search
GoogleOSV:CVE-2022-26499HistoryApr 15, 2022 - 5:15 a.m.
CVE-2022-26499
2022-04-1505:15:06
Google
osv.dev
22
0.007 Low
EPSS
Percentile
80.2%
An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it’s possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
Related
cve
cve
CVE-2022-26499
2022-04-15 05:15:06
debiancve
debiancve
CVE-2022-26499
2022-04-15 05:15:06
prion
prion
Server side request forgery (ssrf)
2022-04-15 05:15:00
ubuntucve
ubuntucve
CVE-2022-26499
2022-04-15 00:00:00
nvd
nvd
CVE-2022-26499
2022-04-15 05:15:06
cvelist
cvelist
CVE-2022-26499
2022-04-15 00:00:00
alpinelinux
alpinelinux
CVE-2022-26499
2022-04-15 05:15:06
veracode
veracode
Server-side Request Forgery (SSRF)
2022-04-22 19:26:35
nessus
nessus
FreeBSD : Asterisk -- multiple vulnerabilities (8838abf0-bc47-11ec-b516-0897988a1c07)
2022-04-14 00:00:00
Debian DSA-5285-1 : asterisk - security update
2022-11-18 00:00:00
Debian DLA-3194-1 : asterisk - LTS security update
2022-11-19 00:00:00
freebsd
freebsd
Asterisk -- multiple vulnerabilities
2022-04-14 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities (AST-2022-001, AST-2022-002)
2022-03-08 00:00:00
Debian: Security Advisory (DSA-5285-1)
2022-11-19 00:00:00
Debian: Security Advisory (DLA-3194-1)
2022-11-18 00:00:00
osv
osv
asterisk - security update
2022-11-17 00:00:00
asterisk - security update
2022-11-17 00:00:00
debian
debian
[SECURITY] [DSA 5285-1] asterisk security update
2022-11-17 21:42:58
[SECURITY] [DLA 3194-1] asterisk security update
2022-11-17 11:35:25