Lucene search
GoogleOSV:CVE-2022-31001HistoryMay 31, 2022 - 8:15 p.m.
CVE-2022-31001
2022-05-3120:15:07
Google
osv.dev
4
0.002 Low
EPSS
Percentile
52.1%
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by #define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0), which will make n bigger and trigger out-of-bound access when IS_NON_WS(s[n]). Version 1.13.8 contains a patch for this issue.
Related
prion
prion
Design/Logic Flaw
2022-05-31 20:15:00
debiancve
debiancve
CVE-2022-31001
2022-05-31 20:15:07
alpinelinux
alpinelinux
CVE-2022-31001
2022-05-31 20:15:07
cvelist
cvelist
CVE-2022-31001 Out-of-bounds Read in Sofia-SIP
2022-05-31 00:00:00
cve
cve
CVE-2022-31001
2022-05-31 20:15:07
ubuntucve
ubuntucve
CVE-2022-31001
2022-05-31 00:00:00
veracode
veracode
Out Of Bounds Read
2023-03-22 09:05:27
nvd
nvd
CVE-2022-31001
2022-05-31 20:15:07
nessus
nessus
Debian DLA-3091-1 : sofia-sip - LTS security update
2022-09-02 00:00:00
GLSA-202210-18 : Sofia-SIP: Multiple Vulnerabilities
2022-10-31 00:00:00
Debian DSA-5410-1 : sofia-sip - security update
2023-05-24 00:00:00
gentoo
gentoo
Sofia-SIP: Multiple Vulnerabilities
2022-10-31 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3091-1)
2022-09-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0343)
2022-09-22 00:00:00
Debian: Security Advisory (DSA-5410-1)
2023-05-25 00:00:00
mageia
mageia
Updated sofia-sip packages fix security vulnerability
2022-09-21 21:15:27
debian
debian
[SECURITY] [DLA 3091-1] sofia-sip security update
2022-09-02 05:45:22
[SECURITY] [DSA 5410-1] sofia-sip
2023-05-24 10:39:40
osv
osv
sofia-sip - security update
2022-09-02 00:00:00
sofia-sip vulnerabilities
2023-03-07 14:34:13
sofia-sip - security update
2023-05-24 00:00:00
ubuntu
ubuntu
Sofia-SIP vulnerabilities
2023-03-07 00:00:00