14 matches found
CVE-2022-24793
CVE-2022-24793 affects PJSIP’s DNS resolver. A buffer overflow is triggered in parsing the query record (parse_rr) for versions ≤ 2.12. A fix exists in the pjproject master branch; a workaround is to disable DNS resolution in PJSIP (set nameserver_count to 0) or use an external resolver. The issu...
CVE-2022-24786
CVE-2022-24786 affects PJSIP (PJPROJECT) versions 2.12 and earlier. The root cause is that PJMEDIA RTC PTS/RPSI feedback parsing does not correctly handle RTCP RPSI packets, enabling an impact to applications that directly call pjmedia_rtcp_fb_parse_rpsi(). The issue is documented with a patch av...
CVE-2022-39244
CVE-2022-39244 affects the PJSIP/Pjproject stack prior to 2.13. The vulnerability is a buffer overflow in the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser. This could put users connecting to untrusted clients at risk. The issue has been patched in commit c4d3498 and will be included ...
CVE-2022-23547
CVE-2022-23547 is a vulnerability in the pjproject/PJSIP stack used by Ring and related components. It describes a possible buffer overread when parsing a STUN message. Affected products/areas: embedded pjproject components in Ring (PJSIP/PJNATH/PJSUA-LIB use), with the issue arising during STUN ...
CVE-2026-26967
PJSIP Vulnerability CVE-2026-26967: In 2.16 and earlier, the H.264 unpacketizer can overflow the heap when processing malformed SRTP packets, due to reading a 2-byte NAL unit size without validating bounds within the payload. Affected: PJSIP-based applications handling H.264 video streams. Impact...
CVE-2026-28799
CVE-2026-28799 affects the PJSIP multimedia library (up to version 2.16). A heap use-after-free flaw exists in PJSIP’s event subscription framework (evsub.c) and is triggered during presence unsubscription with SubSCRIBE and Expires=0. The issue can impact availability (high impact) with negligib...
CVE-2026-25994
CVE-2026-25994 affects PJSIP’s PJNATH ICE Session in 2.16 and earlier. The vulnerability is a buffer overflow triggered when processing credentials with excessively long usernames. According to the description, this can impact confidentiality, integrity, and availability (high impact) and is expl...
CVE-2026-33069
PJSIP versions 2.16 and earlier are affected by a cascading out-of-bounds heap read in pjsip_multipart_parse(), where after boundary matching curptr is advanced past the delimiter without ensuring it is within the buffer, allowing 1–2 bytes of adjacent heap memory to be read. This affects applica...
CVE-2026-40614
Summary of CVE-2026-40614 (PJSIP): PJSIP (2.16 and earlier) has a heap buffer overflow in Opus decoding due to insufficient bounds checking in the codec_decode path. The FEC decode buffers (dec_frame[].buf) are allocated using a PCM-derived size, which at 8 kHz mono yields 960 bytes, but codec_pa...
CVE-2026-29068
PJSIP is affected by a stack buffer overflow in the pjmedia-codec RTP payload parser when a payload contains more frames than the caller-provided frames can hold. This impacts versions prior to 2.17. The vulnerability, with a CVSS 4.0 base score of 8.7 (Network attack vector, no user interaction,...
CVE-2026-32945
CVE-2026-32945 affects PJSIP 2.16 and earlier; the DNS parser’s name-length handling in pjlib-util (get_name_len/get_name) allows a heap-based buffer overflow via a crafted DNS response, enabling remote DoS. The issue is fixed in PJSIP 2.17. Mitigations/workarounds: upgrade to 2.17, or avoid DNS ...
CVE-2026-26203
PJSIP (pjproject) versions prior to 2.17 contain a heap buffer underflow in the H.264 packetizer when processing malformed bitstreams without NAL unit start codes. The packetizer performs unchecked pointer arithmetic, potentially reading memory before the allocated buffer. A patch is available in...
CVE-2026-32942
PJSIP (C library) contains a heap use-after-free in the ICE session for versions 2.16 and earlier, caused by race conditions between session destruction and callbacks. This may lead to crashes; upgrading to version 2.17 fixes the issue. References confirm affected versions and fix.
CVE-2026-40892
CVE-2026-40892 (PJSIP) : A stack buffer overflow exists in pjsip_auth_create_digest2() for 2.16 and earlier when using pre-computed digest credentials (PJSIP_CRED_DATA_DIGEST). The function copies cred_info->data.slen without an upper-bound check, which can overflow the fixed-size ha1 buffer (...