CVE-2022-23537 in PJSIPالمعلومات

الملخص

بحسب MITRE • 20/12/2022

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

مسؤول

GitHub, Inc.

حجز

19/01/2022

إفشاء

20/12/2022

الاعتدال

تمت الموافقة

إدخال

VDB-216370

EPSS

0.01026

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to know what is going to be exploited?

We predict KEV entries!