Lucene search
Veracode Vulnerability DatabaseVERACODE:35211HistoryApr 22, 2022 - 7:26 p.m.
Denial Of Service (DoS)
2022-04-2219:26:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
0.029 Low
EPSS
Percentile
90.9%
asterisk is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization which allows files that are not certificates to be downloaded allowing an attacker to crash the system by making the users download a larger than expected file.
References
packetstormsecurity.com/files/166744/Asterisk-Project-Security-Advisory-AST-2022-001.html
downloads.asterisk.org/pub/security/
downloads.asterisk.org/pub/security/AST-2022-001.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
security-tracker.debian.org/tracker/CVE-2022-26498
www.debian.org/security/2022/dsa-5285
Related
ubuntucve
ubuntucve
CVE-2022-26498
2022-04-15 00:00:00
nvd
nvd
CVE-2022-26498
2022-04-15 05:15:06
cve
cve
CVE-2022-26498
2022-04-15 05:15:06
prion
prion
Code injection
2022-04-15 05:15:00
alpinelinux
alpinelinux
CVE-2022-26498
2022-04-15 05:15:06
osv
osv
CVE-2022-26498
2022-04-15 05:15:06
asterisk - security update
2022-11-17 00:00:00
asterisk - security update
2022-11-17 00:00:00
debiancve
debiancve
CVE-2022-26498
2022-04-15 05:15:06
cvelist
cvelist
CVE-2022-26498
2022-04-15 00:00:00
freebsd
freebsd
Asterisk -- multiple vulnerabilities
2022-04-14 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities (AST-2022-001, AST-2022-002)
2022-03-08 00:00:00
Debian: Security Advisory (DLA-3194-1)
2022-11-18 00:00:00
Debian: Security Advisory (DSA-5285-1)
2022-11-19 00:00:00
nessus
nessus
FreeBSD : Asterisk -- multiple vulnerabilities (8838abf0-bc47-11ec-b516-0897988a1c07)
2022-04-14 00:00:00
Debian DSA-5285-1 : asterisk - security update
2022-11-18 00:00:00
Debian DLA-3194-1 : asterisk - LTS security update
2022-11-19 00:00:00
debian
debian
[SECURITY] [DSA 5285-1] asterisk security update
2022-11-17 21:42:58
[SECURITY] [DLA 3194-1] asterisk security update
2022-11-17 11:35:25