Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-23547HistoryDec 23, 2022 - 3:15 p.m.
CVE-2022-23547
2022-12-2315:15:00
Debian Security Bug Tracker
security-tracker.debian.org
15
0.002 Low
EPSS
Percentile
51.2%
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | asterisk | <Â 1:16.28.0~dfsg-0+deb11u2 | asterisk_1:16.28.0~dfsg-0+deb11u2_all.deb |
| Debian | 10 | all | asterisk | <Â 1:16.28.0~dfsg-0+deb10u2 | asterisk_1:16.28.0~dfsg-0+deb10u2_all.deb |
| Debian | 999 | all | asterisk | <Â 1:20.4.0~dfsg+~cs6.13.40431414-1 | asterisk_1:20.4.0~dfsg+~cs6.13.40431414-1_all.deb |
| Debian | 12 | all | ring | <Â 20230206.0~ds1-1 | ring_20230206.0~ds1-1_all.deb |
| Debian | 11 | all | ring | <=Â 20210112.2.b757bac~ds1-1 | ring_20210112.2.b757bac~ds1-1_all.deb |
| Debian | 10 | all | ring | <Â 20190215.1.f152c98~ds1-1+deb10u2 | ring_20190215.1.f152c98~ds1-1+deb10u2_all.deb |
| Debian | 999 | all | ring | <Â 20230206.0~ds1-1 | ring_20230206.0~ds1-1_all.deb |
| Debian | 13 | all | ring | <Â 20230206.0~ds1-1 | ring_20230206.0~ds1-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2022-12-23 15:15:00
ubuntucve
ubuntucve
CVE-2022-23547
2022-12-23 00:00:00
veracode
veracode
Heap-Based Buffer Overflow
2023-02-14 05:57:28
cvelist
cvelist
CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message
2022-12-23 14:00:22
cve
cve
CVE-2022-23547
2022-12-23 15:15:00
osv
osv
CVE-2022-23547
2022-12-23 15:15:14
CVE-2022-23537
2022-12-20 19:15:24
asterisk - security update
2023-02-23 00:00:00
redos
redos
ROS-20221227-02
2022-12-27 00:00:00
debian
debian
[SECURITY] [DLA 3335-1] asterisk security update
2023-02-22 22:37:04
[SECURITY] [DSA 5358-1] asterisk security update
2023-02-23 09:30:16
[SECURITY] [DLA 3549-1] ring security update
2023-08-29 21:30:29
nessus
nessus
Debian DLA-3335-1 : asterisk - LTS security update
2023-02-24 00:00:00
Debian DSA-5358-1 : asterisk - security update
2023-02-24 00:00:00
Debian DLA-3549-1 : ring - LTS security update
2023-08-30 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3335-1)
2023-02-23 00:00:00
Debian: Security Advisory (DSA-5358-1)
2023-02-24 00:00:00
Debian: Security Advisory (DLA-3549-1)
2023-08-31 00:00:00
ubuntu
ubuntu
Ring vulnerabilities
2023-10-09 00:00:00
Ring vulnerabilities
2023-10-24 00:00:00