asterisk is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization which allows files that are not certificates to be downloaded allowing an attacker to crash the system by making the users download a larger than expected file.
packetstormsecurity.com/files/166744/Asterisk-Project-Security-Advisory-AST-2022-001.html
downloads.asterisk.org/pub/security/
downloads.asterisk.org/pub/security/AST-2022-001.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
security-tracker.debian.org/tracker/CVE-2022-26498
www.debian.org/security/2022/dsa-5285