2 matches found
ALPINE-CVE-2022-31002
Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with %. Version 1.13.8 contains a patch for this issue...
PT-2025-39959
Name of the Vulnerable Software and Affected Versions node-static affected versions not specified @nubosoftware/node-static affected versions not specified Description The software does not properly handle user input containing null bytes. This can allow attackers to access http://host/%00 and...