VYPR

Pjproject

by Pjsip

Source repositories

CVEs (39)

  • CVE-2022-39244Oct 6, 2022
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This…

  • CVE-2022-31031Jun 7, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use…

  • CVE-2022-24792Apr 25, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data…

  • CVE-2022-24793Apr 6, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is…

  • CVE-2022-24786Apr 6, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A…

  • CVE-2022-24764Mar 22, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not…

  • CVE-2022-24754Mar 11, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type…

  • CVE-2022-23608Feb 22, 2022
    risk 0.00cvss epss 0.04

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by…

  • CVE-2021-43303Feb 16, 2022
    risk 0.00cvss epss 0.02

    Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

  • CVE-2021-43300Feb 16, 2022
    risk 0.00cvss epss 0.02

    Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

  • CVE-2022-21723Jan 27, 2022
    risk 0.00cvss epss 0.04

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can…

  • CVE-2022-21722Jan 27, 2022
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP…

  • CVE-2021-41141Jan 4, 2022
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when error/failure occurs, it is found that the function returns without…

  • CVE-2021-43845Dec 27, 2021
    risk 0.00cvss epss 0.04

    PJSIP is a free and open source multimedia communication library. In version 2.11.1 and prior, if incoming RTCP XR message contain block, the data field is not checked against the received packet size, potentially resulting in an out-of-bound read access. This affects all users…

  • CVE-2021-43804Dec 22, 2021
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not…

  • CVE-2021-37706Dec 22, 2021
    risk 0.00cvss epss 0.05

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not…

  • CVE-2021-32686Jul 23, 2021
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition…

  • CVE-2021-21375Mar 10, 2021
    risk 0.00cvss epss 0.02

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP version 2.10 and earlier, after an initial INVITE has been sent, when two 183 responses are received,…

  • CVE-2020-15260Mar 10, 2021
    risk 0.00cvss epss 0.01

    PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they have the same IP address + port + protocol.…

Page 2 of 2