CVE-2020-35776

2021-02-1820:15:12

Google

osv.dev

7.3 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

CPENameOperatorVersion
asteriskeq10.4.1-r1
asteriskeq13.0.2-r0
asteriskeq12.5.1-r0
asteriskeq1.8.4-r0
asteriskeq1.6.0.9-r0
asteriskeq1.6.0.13-r0
asteriskeq1.6.0.18-r1
asteriskeq10.7.1-r3
asteriskeq11.5.1-r1
asteriskeq13.5.0-r0

Name	Operator	Version
asterisk	eq	10.4.1-r1
asterisk	eq	13.0.2-r0
asterisk	eq	12.5.1-r0
asterisk	eq	1.8.4-r0
asterisk	eq	1.6.0.9-r0
asterisk	eq	1.6.0.13-r0
asterisk	eq	1.6.0.18-r1
asterisk	eq	10.7.1-r3
asterisk	eq	11.5.1-r1
asterisk	eq	13.5.0-r0