Lucene search
Veracode Vulnerability DatabaseVERACODE:35521HistoryMay 14, 2022 - 7:56 p.m.
Denial Of Service (DoS)
2022-05-1419:56:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
denial of service
vulnerability
wav file
pjproject
software
EPSS
0.002
Percentile
61.9%
pjproject is vulnerable to denial of service. The vulnerability exists due to the library does not properly check the WAV file data length when it greater than 31-bit, allowing an attacker to crash the application by providing malicious WAV files.
References
github.com/pjsip/pjproject/commit/947bc1ee6d05be10204b918df75a503415fd3213
github.com/pjsip/pjproject/security/advisories/GHSA-rwgw-vwxg-q799
lists.debian.org/debian-lts-announce/2022/05/msg00047.html
lists.debian.org/debian-lts-announce/2022/11/msg00021.html
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202210-37
www.debian.org/security/2022/dsa-5285
Related
alpinelinux
alpinelinux
CVE-2022-24792
2022-04-25 16:16:09
cvelist
cvelist
CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP
2022-04-25 00:00:00
debiancve
debiancve
CVE-2022-24792
2022-04-25 16:16:09
cve
cve
CVE-2022-24792
2022-04-25 16:16:09
ubuntucve
ubuntucve
CVE-2022-24792
2022-04-25 00:00:00
nvd
nvd
CVE-2022-24792
2022-04-25 16:16:09
osv
osv
CVE-2022-24792
2022-04-25 16:16:00
pjproject - security update
2022-05-31 00:00:00
asterisk - security update
2022-11-17 00:00:00
prion
prion
Design/Logic Flaw
2022-04-25 16:16:00
debian
debian
[SECURITY] [DLA 3036-1] pjproject security update
2022-05-31 09:08:35
[SECURITY] [DLA 3194-1] asterisk security update
2022-11-17 11:35:25
[SECURITY] [DSA 5285-1] asterisk security update
2022-11-17 21:42:58
openvas
openvas
Debian: Security Advisory (DLA-3036-1)
2022-06-01 00:00:00
Debian: Security Advisory (DSA-5285-1)
2022-11-19 00:00:00
Debian: Security Advisory (DLA-3194-1)
2022-11-18 00:00:00
nessus
nessus
Debian DLA-3036-1 : pjproject - LTS security update
2022-06-02 00:00:00
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
Debian DLA-3194-1 : asterisk - LTS security update
2022-11-19 00:00:00
redos
redos
ROS-20220518-03
2022-05-18 00:00:00
gentoo
gentoo
PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00