Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-23547
HistoryDec 23, 2022 - 3:15 p.m.

Design/Logic Flaw

2022-12-2315:15:00
PRIOn knowledge base
www.prio-n.com
7
pjsip
multimedia communication
buffer overread
stun
vulnerability
patch
master branch
protocols
sip
sdp
rtp
turn
ice
pjnath
pjsua-lib
nvd

AI Score

9.2

Confidence

High

EPSS

0.002

Percentile

53.2%

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.

CPENameOperatorVersion
pjsiplt2.13.1

AI Score

9.2

Confidence

High

EPSS

0.002

Percentile

53.2%