VYPR

Freeswitch

by Signalwire

Source repositories

CVEs (23)

  • CVE-2021-41157MedOct 26, 2021
    risk 0.00cvss 5.3epss 0.02

    FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticated in the affected versions of…

  • CVE-2015-7392Oct 5, 2015
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse.

  • CVE-2013-2238Sep 30, 2013
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables.

Page 2 of 2