3 matches found
CVE-2022-26498
An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, and 19.3.2...
CVE-2022-26498
CVE-2022-26498 affects Asterisk up to 19.x. STIR/SHAKEN handling may allow downloading non-certificate files, leading to Resource Exhaustion . This is fixed in 16.25.2, 18.11.2, and 19.3.2 ; upgrade to one of these versions to remediate.
Asterisk Multiple Vulnerabilities (AST-2022-001, AST-2022-002)
Asterisk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if description...