sofia-sip is vulnerable to Denial of Service (DoS) attacks. An attacker is able to send a message with evil sdp to FreeSWITCH, which may cause an application crash with the use of a URL ending with %
.
github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
lists.debian.org/debian-lts-announce/2022/09/msg00001.html
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
security.gentoo.org/glsa/202210-18
www.debian.org/security/2023/dsa-5410