Digium Certified Asterisk 13.13.0 Cert3
Approved changes feed: RSS · Atom
cpe:2.3:a:digium:certified_asterisk:13.13.0:cert3:*:*:*:*:*:*
part: a version: 13.13.0 update: cert3
| Vendor | Digium (05ad29b7-5b41-56d5-935d-a279ab7f14bc) |
|---|---|
| Product | Certified Asterisk (28acf01c-dbb1-5902-9616-b4c28682b220) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:asterisk/telephony/certified-asterisk |
purl2cpe | 2026-06-01 10:15:42.007790 |
pkg:github/asterisk/asterisk |
purl2cpe | 2026-06-01 10:15:42.007792 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-9372 |
vulnerable | 2026-06-08 05:10:09.814690 |
Details available
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter.
Published: 2017-06-02T14:00:00.000Z
Updated: 2024-08-05T17:02:44.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-9359 |
vulnerable | 2026-06-08 05:10:09.773023 |
Details available
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
Published: 2017-06-02T05:04:00.000Z
Updated: 2024-08-05T17:02:44.361Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16672 |
vulnerable | 2026-06-08 05:09:00.716891 |
Details available
An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully established. When this happens the session object never gets destroyed. Eventually Asterisk can run out of memory and crash.
Published: 2017-11-09T00:00:00.000Z
Updated: 2024-08-05T20:35:19.786Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16671 |
vulnerable | 2026-06-08 05:09:00.714721 |
Details available
A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. NOTE: this is different from CVE-2017-7617, which was only about the Party A buffer.
Published: 2017-11-09T00:00:00.000Z
Updated: 2024-08-05T20:35:19.933Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.