rpm package
opensuse/libsrtp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/libsrtp&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-6360 | Hig | 7.5 | < 1.5.4-2.1 | 1.5.4-2.1 | Apr 21, 2016 | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | |
| CVE-2013-2139 | — | < 1.5.4-2.1 | 1.5.4-2.1 | Jan 16, 2014 | Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions. |
- affected < 1.5.4-2.1fixed 1.5.4-2.1
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
- CVE-2013-2139Jan 16, 2014affected < 1.5.4-2.1fixed 1.5.4-2.1
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.