Lucene search
+L

7 matches found

debian
debian
added 2022/03/28 2:23 p.m.44 views

[SECURITY] [DLA 2962-1] pjproject security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2962-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 28, 2022 https://wiki.debian.org/LTS -...

9.8CVSS10AI score0.0462EPSS
Exploits1
openvas
openvas
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2021-0559)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.02082EPSS
Exploits0References3
osv
osv
added 2021/12/19 12:26 p.m.17 views

MGASA-2021-0559 Updated pjproject packages fix security vulnerability

Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...

5.9CVSS6.5AI score0.02082EPSS
Exploits0References2
nessus
nessus
added 2021/07/26 12:0 a.m.33 views

FreeBSD : asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake (53fbffe6-ebf7-11eb-aef1-0897988a1c07)

The Asterisk project reports : Depending on the timing, it's possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5.9CVSS6.5AI score0.02082EPSS
Exploits0References3
nessus
nessus
added 2021/07/26 12:0 a.m.29 views

FreeBSD : pjsip -- Race condition in SSL socket server (92ad12b8-ec09-11eb-aef1-0897988a1c07)

pjsip reports : There are a couple of issues found in the SSL socket : - A race condition between callback and destroy, due to the accepted socket having no group lock. - SSL socket parent/listener may get destroyed during handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

5.9CVSS6.4AI score0.02082EPSS
Exploits0References3
cve
cve
added 2021/07/23 12:0 a.m.185 views

CVE-2021-32686

CVE-2021-32686 affects the PJSIP pjproject library prior to 2.11.1. The issue is a race condition in the SSL socket: (1) the accepted socket lacks a group lock, causing a race between callback and destroy, and (2) the SSL socket parent/listener may be destroyed during TLS handshake. These intermi...

5.9CVSS5.8AI score0.02082EPSS
Exploits0References8Affected Software1
openvas
openvas
added 2021/07/23 12:0 a.m.19 views

Asterisk Multiple DoS Vulnerabilities (AST-2021-008, AST-2021-009)

Asterisk is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.7AI score0.0911EPSS
Exploits1References2
Rows per page
Query Builder