CVE-2026-34235 in pjsip pjprojectinformação

Sumário (Inglês)

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure (SS) data. Insufficient bounds checking on the payload descriptor length may cause reads beyond the allocated RTP payload buffer. This issue has been patched in version 2.17. A workaround for this issue involves disabling VP9 codec if not needed.

Responsável

GitHub_M

Reservar

26/03/2026

Divulgação

31/03/2026

Inscrições

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadeCWEExpConCVE
354434pjsip pjproject Divulgação de Informação125Não definidoCorreção oficialCVE-2026-34235

Descrição

CPE

CWE

CVSS

Explorações

História

Diferença

Relacionar

Inteligência de ameaças

API JSON

API XML

API CSV

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!