CVE-2022-21723

2022-01-2700:15:00

Alpine Linux Development Team

security.alpinelinux.org

0.005 Low

EPSS

Percentile

75.2%

JSON

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the master branch. There are no known workarounds.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchpjproject< 2.12-r0UNKNOWN
Alpine3.16-mainnoarchpjproject< 2.12-r0UNKNOWN
Alpine3.17-mainnoarchpjproject< 2.12-r0UNKNOWN
Alpine3.18-mainnoarchpjproject< 2.12-r0UNKNOWN
Alpine3.19-mainnoarchpjproject< 2.12-r0UNKNOWN
Alpine3.20-mainnoarchpjproject< 2.12-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-main	noarch	pjproject	< 2.12-r0	UNKNOWN
Alpine	3.16-main	noarch	pjproject	< 2.12-r0	UNKNOWN
Alpine	3.17-main	noarch	pjproject	< 2.12-r0	UNKNOWN
Alpine	3.18-main	noarch	pjproject	< 2.12-r0	UNKNOWN
Alpine	3.19-main	noarch	pjproject	< 2.12-r0	UNKNOWN
Alpine	3.20-main	noarch	pjproject	< 2.12-r0	UNKNOWN

0.005 Low

EPSS

Percentile

75.2%

JSON

Related for ALPINE:CVE-2022-21723