Lucene search
K

4 matches found

OSV
OSV
added 2026/06/17 6:43 a.m.7 views

MGASA-2026-0217 Updated coturn packages fix security vulnerabilities

CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser Remote DoS on ARM64...

7.5CVSS5.3AI score0.01123EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/21 6:0 p.m.6 views

CVE-2026-40613 Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64)

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8t to uint16t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries, thi...

7.5CVSS5.8AI score0.01123EPSS
Exploits1References1
CVE
CVE
added 2026/04/21 6:0 p.m.24 views

CVE-2026-40613

CVE-2026-40613 affects coturn prior to 4.10.0, where STUN/TURN attribute parsing in ns_turn_msg.c performs unsafe pointer casts from uint8_t* to uint16_t* without alignment checks. On ARM64 (AArch64) with strict alignment, processing crafted STUN messages with odd-aligned attribute boundaries tri...

7.5CVSS5.8AI score0.01123EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/01/19 10:15 p.m.3 views

ALPINE-CVE-2023-22741

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP lacks both message length and attributes length checks when it handles STUN packets, leading to controllable heap-over-flow. For example, in stunparseattribute, after ...

9.8CVSS8.1AI score0.0238EPSS
Exploits1References1
Rows per page
Query Builder