Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/08 7:31 p.m.9 views

CVE-2026-42225

A flaw was found in PJSIP. On GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via verifyserver = PJTRUE or verifyclient = PJTRUE...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References2
NVD
NVD
added 2026/05/07 8:16 p.m.15 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS0.00161EPSS
Exploits0References3
CVE
CVE
added 2026/05/07 6:47 p.m.21 views

CVE-2026-42225

PJSIP’s GnuTLS-enabled SIP TLS transport (sip_transport_tls) in builds prior to version 2.17 can accept connections with invalid/untrusted certificates even when verify_server/verify_client are PJ_TRUE. The vulnerability arises from certificate verification being effectively skipped for those bui...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/07 6:47 p.m.10 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.12 views

PJSIP 信任管理问题漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP version 2.17, there were vulnerabilities related to trust management. These vulnerabilities...

8.2CVSS5.8AI score0.00161EPSS
Exploits0References1
Veracode
Veracode
added 2021/02/25 4:59 p.m.35 views

Denial Of Service (DoS)

asterisk is vulnerable to denial of service DoS. A respjsipsession crash was discovered in Asterisk Open Source. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the...

5.3CVSS0.8AI score0.01969EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder