Lucene search
Veracode Vulnerability DatabaseVERACODE:37544HistoryOct 13, 2022 - 10:03 a.m.
Information Disclosure
2022-10-1310:03:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
information disclosure
packet processing
vulnerability
srtp
media transport
plain texts
pjsip
EPSS
0.001
Percentile
49.6%
libpjsip.so is vulnerable to information disclosure. The vulnerability exists during packet processing in the function srtp_rtp_cb in transport_srtp.c because PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart which allows an attacker to gain access to information of insecurely transmitted plain texts.
Related
osv
osv
CVE-2022-39269
2022-10-06 18:16:13
asterisk - security update
2023-02-23 00:00:00
asterisk - security update
2023-02-22 00:00:00
nvd
nvd
CVE-2022-39269
2022-10-06 18:16:13
cve
cve
CVE-2022-39269
2022-10-06 18:16:13
alpinelinux
alpinelinux
CVE-2022-39269
2022-10-06 18:16:13
debiancve
debiancve
CVE-2022-39269
2022-10-06 18:16:13
prion
prion
Design/Logic Flaw
2022-10-06 18:16:00
ubuntucve
ubuntucve
CVE-2022-39269
2022-10-06 00:00:00
cvelist
cvelist
redos
redos
ROS-20221103-02
2022-11-03 00:00:00
debian
debian
[SECURITY] [DLA 3335-1] asterisk security update
2023-02-22 22:36:41
[SECURITY] [DSA 5358-1] asterisk security update
2023-02-23 09:14:43
openvas
openvas
Debian: Security Advisory (DSA-5358-1)
2023-02-24 00:00:00
Debian: Security Advisory (DLA-3335-1)
2023-02-23 00:00:00
nessus
nessus
Debian DLA-3335-1 : asterisk - LTS security update
2023-02-24 00:00:00
Debian DSA-5358-1 : asterisk - security update
2023-02-24 00:00:00
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
gentoo
gentoo
PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00