Lucene search
PRIOn knowledge basePRION:CVE-2022-26498HistoryApr 15, 2022 - 5:15 a.m.
Code injection
2022-04-1505:15:00
PRIOn knowledge base
www.prio-n.com
6
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
References
packetstormsecurity.com/files/166744/Asterisk-Project-Security-Advisory-AST-2022-001.html
packetstormsecurity.com/files/172139/Shannon-Baseband-chatroom-SDP-Attribute-Memory-Corruption.html
downloads.asterisk.org/pub/security/
downloads.asterisk.org/pub/security/AST-2022-001.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
www.debian.org/security/2022/dsa-5285
Related
alpinelinux
alpinelinux
CVE-2022-26498
2022-04-15 05:15:06
osv
osv
CVE-2022-26498
2022-04-15 05:15:06
asterisk - security update
2022-11-17 00:00:00
asterisk - security update
2022-11-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-04-22 19:26:30
ubuntucve
ubuntucve
CVE-2022-26498
2022-04-15 00:00:00
nvd
nvd
CVE-2022-26498
2022-04-15 05:15:06
cve
cve
CVE-2022-26498
2022-04-15 05:15:06
debiancve
debiancve
CVE-2022-26498
2022-04-15 05:15:06
cvelist
cvelist
CVE-2022-26498
2022-04-15 00:00:00
freebsd
freebsd
Asterisk -- multiple vulnerabilities
2022-04-14 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities (AST-2022-001, AST-2022-002)
2022-03-08 00:00:00
Debian: Security Advisory (DSA-5285-1)
2022-11-19 00:00:00
Debian: Security Advisory (DLA-3194-1)
2022-11-18 00:00:00
nessus
nessus
FreeBSD : Asterisk -- multiple vulnerabilities (8838abf0-bc47-11ec-b516-0897988a1c07)
2022-04-14 00:00:00
Debian DLA-3194-1 : asterisk - LTS security update
2022-11-19 00:00:00
Debian DSA-5285-1 : asterisk - security update
2022-11-18 00:00:00
debian
debian
[SECURITY] [DLA 3194-1] asterisk security update
2022-11-17 11:35:25
[SECURITY] [DSA 5285-1] asterisk security update
2022-11-17 21:42:58