Pjsip Security Vulnerabilities and Issues — Pjsip CVE List

Lucene search

TeluuPjsip

8 matches found

CVE•added 2023/03/14 5:15 p.m.•145 views

CVE-2023-27585

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-...

7.5CVSS7.5AI score0.00363EPSS

CVE•added 2022/03/22 5:15 p.m.•136 views

CVE-2022-24764

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API pjmedia_sdp_print(), pjmedia_sdp_media_print(). Applications that do not use PJSUA2 and do not di...

7.5CVSS8.8AI score0.00312EPSS

CVE•added 2022/04/25 4:16 p.m.•123 views

CVE-2022-24792

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length gre...

7.5CVSS7.5AI score0.00241EPSS

CVE•added 2021/12/22 6:15 p.m.•101 views

CVE-2021-43804

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the ...

7.5CVSS8.1AI score0.00299EPSS

CVE•added 2022/01/04 7:15 p.m.•86 views

CVE-2021-41141

PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without releasing the currently he...

7.8CVSS6.3AI score0.00314EPSS

CVE•added 2017/11/17 4:29 p.m.•56 views

CVE-2017-16875

An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration after an attacker initiates a socket connection with specific settings and sequences. Such double key unregistration will trigger an integer overflow,...

7.5CVSS7.7AI score0.00529EPSS

CVE•added 2018/03/13 1:29 a.m.•53 views

CVE-2018-1000099

Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

7.5CVSS7.5AI score0.0097EPSS

CVE•added 2018/03/13 1:29 a.m.•51 views

CVE-2018-1000098

Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2.

7.5CVSS7.8AI score0.00704EPSS