Lucene search
GoogleOSV:CVE-2022-31003HistoryMay 31, 2022 - 8:15 p.m.
CVE-2022-31003
2022-05-3120:15:07
Google
osv.dev
10
0.027 Low
EPSS
Percentile
90.6%
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, rest = record + 2 will access the memory behind \0 and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue.
Related
alpinelinux
alpinelinux
CVE-2022-31003
2022-05-31 20:15:07
veracode
veracode
Remote Code Execution (RCE)
2023-03-22 04:52:06
debiancve
debiancve
CVE-2022-31003
2022-05-31 20:15:07
cve
cve
CVE-2022-31003
2022-05-31 20:15:07
ubuntucve
ubuntucve
CVE-2022-31003
2022-05-31 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-31003
2022-05-31 20:15:07
prion
prion
Out-of-bounds
2022-05-31 20:15:00
mageia
mageia
Updated sofia-sip packages fix security vulnerability
2022-09-21 21:15:27
openvas
openvas
Debian: Security Advisory (DLA-3091-1)
2022-09-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0343)
2022-09-22 00:00:00
Debian: Security Advisory (DSA-5410-1)
2023-05-25 00:00:00
gentoo
gentoo
Sofia-SIP: Multiple Vulnerabilities
2022-10-31 00:00:00
nessus
nessus
Debian DLA-3091-1 : sofia-sip - LTS security update
2022-09-02 00:00:00
GLSA-202210-18 : Sofia-SIP: Multiple Vulnerabilities
2022-10-31 00:00:00
debian
debian
[SECURITY] [DLA 3091-1] sofia-sip security update
2022-09-02 05:45:22
[SECURITY] [DSA 5410-1] sofia-sip
2023-05-24 10:39:40
osv
osv
sofia-sip - security update
2022-09-02 00:00:00
sofia-sip vulnerabilities
2023-03-07 14:34:13
sofia-sip - security update
2023-05-24 00:00:00
ubuntu
ubuntu
Sofia-SIP vulnerabilities
2023-03-07 00:00:00