Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:35523
HistoryMay 14, 2022 - 8:06 p.m.

Buffer Overflow

2022-05-1420:06:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
pjsip
multimedia communication
stack-buffer overflow
vulnerability
hashed digest credentials
data_type
pjsip_cred_data_digest
patched
master branch
upgrade
pjsip_md5strlen

EPSS

0.007

Percentile

80.9%

JSON

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type PJSIP_CRED_DATA_DIGEST). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to PJSIP_MD5STRLEN before passing to PJSIP.

Related

cvelist 1
osv 6
alpinelinux 1
nvd 1
prion 1
ubuntucve 1
debiancve 1
cve 1
redos 1
nessus 6
debian 2
openvas 5
gentoo 1
ubuntu 2
cvelist
cvelist
CVE-2022-24754 Buffer overflow in pjsip
2022-03-11 00:00:00
osv
osv
CVE-2022-24754
2022-03-11 20:15:08
pjproject - security update
2022-03-28 00:00:00
ring - security update
2024-09-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-24754
2022-03-11 20:15:08
nvd
nvd
CVE-2022-24754
2022-03-11 20:15:08
prion
prion
Stack overflow
2022-03-11 20:15:00
ubuntucve
ubuntucve
CVE-2022-24754
2022-03-11 00:00:00
debiancve
debiancve
CVE-2022-24754
2022-03-11 20:15:08
cve
cve
CVE-2022-24754
2022-03-11 20:15:08
redos
redos
ROS-20220518-03
2022-05-18 00:00:00
nessus
nessus
Debian DLA-2962-1 : pjproject - LTS security update
2022-03-30 00:00:00
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
Ubuntu 23.10 : Ring vulnerabilities (USN-6422-2)
2023-10-24 00:00:00
debian
debian
[SECURITY] [DLA 2962-1] pjproject security update
2022-03-28 14:23:21
[SECURITY] [DLA 3549-1] ring security update
2023-08-29 21:15:19
openvas
openvas
Debian: Security Advisory (DLA-2962-1)
2022-03-29 00:00:00
Ubuntu: Security Advisory (USN-6422-1)
2023-10-10 00:00:00
Ubuntu: Security Advisory (USN-6422-2)
2023-10-25 00:00:00
gentoo
gentoo
PJSIP: Multiple Vulnerabilities
2022-10-31 00:00:00
ubuntu
ubuntu
Ring vulnerabilities
2023-10-24 00:00:00
Ring vulnerabilities
2023-10-09 00:00:00

EPSS

0.007

Percentile

80.9%

JSON
Related for VERACODE:35523
cvelist1osv6alpinelinux1nvd1prion1ubuntucve1debiancve1cve1redos1nessus6debian2openvas5gentoo1ubuntu2