Lucene search
+L

35 matches found

OSV
OSV
added 2025/08/01 6:15 p.m.2 views

DEBIAN-CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS6.2AI score0.00446EPSS
Exploits1References1
OSV
OSV
added 2025/08/01 6:15 p.m.4 views

UBUNTU-CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS5.9AI score0.00446EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/08/01 5:57 p.m.7 views

CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS5.6AI score0.00446EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2025/08/01 5:57 p.m.8 views

CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS7.2AI score0.00446EPSS
Exploits1References1
NVD
NVD
added 2022/04/15 5:15 a.m.22 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS0.0768EPSS
Exploits0References5
OSV
OSV
added 2022/04/15 5:15 a.m.4 views

ALPINE-CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS7AI score0.0768EPSS
Exploits0References1
Prion
Prion
added 2022/04/15 5:15 a.m.26 views

Server side request forgery (ssrf)

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

6.4CVSS8.8AI score0.0768EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2022/04/15 5:15 a.m.42 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS7.3AI score0.0768EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/04/15 5:15 a.m.3 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS7.3AI score0.0768EPSS
Exploits0References6
OSV
OSV
added 2022/04/15 5:15 a.m.5 views

UBUNTU-CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS5.9AI score0.0768EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.5 views

Asterisk 代码问题漏洞

Asterisk is software for a PBX system that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk version 19.x and prior versions of STIR/SHAKEN contain a security vulnerability that originates from the ability to send arbitrary requests e.g., GET to interfaces such as...

9.1CVSS8.1AI score0.0768EPSS
Exploits0References10
Cvelist
Cvelist
added 2022/04/15 12:0 a.m.45 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.2AI score0.0768EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/04/15 12:0 a.m.4 views

PT-2022-17903 · Asterisk · Asterisk

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 16.25.2 Asterisk versions prior to 18.11.2 Asterisk versions prior to 19.3.2 Description: An issue was discovered in Asterisk. When using STIR/SHAKEN, it's possible to send arbitrary requests, such as GET, to...

9.8CVSS8.3AI score0.16406EPSS
Exploits2References62
Debian CVE
Debian CVE
added 2022/04/15 12:0 a.m.77 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS8.6AI score0.0768EPSS
Exploits0
OSV
OSV
added 2022/04/15 12:0 a.m.46 views

CVE-2022-26499

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests such as GET to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2...

9.1CVSS1.6AI score0.0768EPSS
Exploits0References7
Rows per page
Query Builder