Lucene search
Veracode Vulnerability DatabaseVERACODE:34629HistoryMar 12, 2022 - 12:52 p.m.
Remote Code Execution (RCE)
2022-03-1212:52:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
pjproject
vulnerability
remote code execution
udp message
EPSS
0.022
Percentile
89.6%
pjproject is vulnerable to remote code execution. An attacker may exploit the vulnerability by sending a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victims machine.
References
packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html
seclists.org/fulldisclosure/2022/Mar/0
github.com/pjsip/pjproject/commit/15663e3f37091069b8c98a7fce680dc04bc8e865
github.com/pjsip/pjproject/security/advisories/GHSA-2qpg-f6wf-w984
lists.debian.org/debian-lts-announce/2022/03/msg00035.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202210-37
www.debian.org/security/2022/dsa-5285
Related
osv
osv
CVE-2021-37706
2021-12-22 18:15:07
pjproject - security update
2022-03-28 00:00:00
ring vulnerabilities
2023-10-09 15:09:52
cve
cve
CVE-2021-37706
2021-12-22 18:15:07
nvd
nvd
CVE-2021-37706
2021-12-22 18:15:07
debiancve
debiancve
CVE-2021-37706
2021-12-22 18:15:07
prion
prion
Integer overflow
2021-12-22 18:15:00
cvelist
cvelist
alpinelinux
alpinelinux
CVE-2021-37706
2021-12-22 18:15:07
ubuntucve
ubuntucve
CVE-2021-37706
2021-12-22 00:00:00
freebsd
freebsd
asterisk -- multiple vulnerabilities
2022-03-03 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities (AST-2022-004, AST-2022-005, AST-2022-006)
2022-03-08 00:00:00
Debian: Security Advisory (DLA-2962-1)
2022-03-29 00:00:00
Ubuntu: Security Advisory (USN-6422-2)
2023-10-25 00:00:00
nessus
nessus
FreeBSD : asterisk -- multiple vulnerabilities (964c5460-9c66-11ec-ad3a-001999f8d30b)
2022-03-05 00:00:00
Debian DLA-2962-1 : pjproject - LTS security update
2022-03-30 00:00:00
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
fortinet
fortinet
Multiple vulnerabilities in PJSIP library
2022-05-03 00:00:00
debian
debian
[SECURITY] [DLA 2962-1] pjproject security update
2022-03-28 14:23:21
[SECURITY] [DSA 5285-1] asterisk security update
2022-11-17 21:42:58
[SECURITY] [DLA 3194-1] asterisk security update
2022-11-17 11:35:25
gentoo
gentoo
PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
ubuntu
ubuntu
Ring vulnerabilities
2023-10-09 00:00:00
Ring vulnerabilities
2023-10-24 00:00:00