VYPR

Pjsip

by Pjsip

Source repositories

CVEs (48)

  • CVE-2026-26967Feb 20, 2026
    risk 0.00cvss epss 0.00

    PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer…

  • CVE-2026-26203Feb 19, 2026
    risk 0.00cvss epss 0.00

    PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264 packetizer. The bug occurs when processing malformed H.264 bitstreams without NAL unit start codes, where the packetizer…

  • CVE-2023-38703Oct 6, 2023
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level…

  • CVE-2023-27585Mar 14, 2023
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is…

  • CVE-2022-23547Dec 23, 2022
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message.…

  • CVE-2022-23537Dec 20, 2022
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The…

  • CVE-2022-39244Oct 6, 2022
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This…

  • CVE-2022-31031Jun 7, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use…

  • CVE-2022-24792Apr 25, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data…

  • CVE-2022-24793Apr 6, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is…

  • CVE-2022-24786Apr 6, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A…

  • CVE-2022-24764Mar 22, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not…

  • CVE-2022-24754Mar 11, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type…

  • CVE-2022-23608Feb 22, 2022
    risk 0.00cvss epss 0.04

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by…

  • CVE-2021-43302Feb 16, 2022
    risk 0.00cvss epss 0.02

    Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.

  • CVE-2021-43299Feb 16, 2022
    risk 0.00cvss epss 0.02

    Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

  • CVE-2021-43300Feb 16, 2022
    risk 0.00cvss epss 0.02

    Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

  • CVE-2021-43303Feb 16, 2022
    risk 0.00cvss epss 0.02

    Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

  • CVE-2021-43301Feb 16, 2022
    risk 0.00cvss epss 0.02

    Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

  • CVE-2022-21722Jan 27, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP…