Lucene search

K
redhatcveRedhat.comRH:CVE-2022-21723
HistoryMay 20, 2022 - 11:43 p.m.

CVE-2022-21723

2022-05-2023:43:44
redhat.com
access.redhat.com
18
pjsip
multimedia communication
sip
sdp
rtp
stun
turn
ice
vulnerability
parsing
out-of-bound access

EPSS

0.005

Percentile

77.6%

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the master branch. There are no known workarounds.