Lucene search
Veracode Vulnerability DatabaseVERACODE:35520HistoryMay 14, 2022 - 7:56 p.m.
Buffer Overflow
2022-05-1419:56:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
pjsip
buffer overflow
vulnerability
dns resolution
memory corruption
application crash
software
EPSS
0.003
Percentile
69.9%
PJSIP is vulnerable to buffer overflow. The vulnerability exists because the DNS resolution in PJSIP config is not disabled which allows an attacker to cause a memory corruption which leads to an application crash.
References
github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
lists.debian.org/debian-lts-announce/2022/05/msg00047.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202210-37
www.debian.org/security/2022/dsa-5285
Related
nessus
nessus
Debian DSA-5438-1 : asterisk - security update
2023-06-23 00:00:00
Debian DLA-3394-1 : asterisk - LTS security update
2023-04-25 00:00:00
Ubuntu 23.10 : Ring vulnerabilities (USN-6422-2)
2023-10-24 00:00:00
cvelist
cvelist
CVE-2023-27585
2023-03-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-24793
2022-04-06 14:15:08
CVE-2023-27585
2023-03-14 17:15:19
osv
osv
CVE-2023-27585
2023-03-14 17:15:19
CVE-2022-24793
2022-04-06 14:15:08
pjproject - security update
2022-05-31 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3394-1)
2023-04-24 00:00:00
Debian: Security Advisory (DSA-5438-1)
2023-06-26 00:00:00
Debian: Security Advisory (DLA-3036-1)
2022-06-01 00:00:00
prion
prion
Buffer overflow
2023-03-14 17:15:00
Buffer overflow
2022-04-06 14:15:00
ubuntucve
ubuntucve
CVE-2023-27585
2023-03-14 00:00:00
CVE-2022-24793
2022-04-06 00:00:00
nvd
nvd
CVE-2022-24793
2022-04-06 14:15:08
CVE-2023-27585
2023-03-14 17:15:19
debian
debian
[SECURITY] [DSA 5438-1] asterisk security update
2023-06-22 21:52:51
[SECURITY] [DLA 3394-1] asterisk security update
2023-04-18 22:22:46
[SECURITY] [DLA 3036-1] pjproject security update
2022-05-31 09:08:35
debiancve
debiancve
CVE-2023-27585
2023-03-14 17:15:19
CVE-2022-24793
2022-04-06 14:15:08
cve
cve
CVE-2023-27585
2023-03-14 17:15:19
CVE-2022-24793
2022-04-06 14:15:08
redos
redos
ROS-20220518-03
2022-05-18 00:00:00
gentoo
gentoo
PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
ubuntu
ubuntu
Ring vulnerabilities
2023-10-09 00:00:00
Ring vulnerabilities
2023-10-24 00:00:00