GCVE - cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*

part: a version: 10.3 update: *

Vendor	Asterisk (`8cf0208b-fb97-57c9-94a0-6da40e548dcd`)
Product	Open Source (`8a2c0991-ed09-534c-8225-148908a50b94`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/asterisk`	purl2cpe	2026-06-01 10:15:23.026753
`pkg:deb/ubuntu/asterisk`	purl2cpe	2026-06-01 10:15:23.026755
`pkg:github/asterisk/asterisk`	purl2cpe	2026-06-01 10:15:23.026756
`pkg:rpm/fedora/asterisk`	purl2cpe	2026-06-01 10:15:23.026758
`pkg:rpm/opensuse/asterisk`	purl2cpe	2026-06-01 10:15:23.026759

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-2948`	vulnerable	2026-06-03 14:31:55.969586	Details available chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. Published: 2012-06-02T15:00:00.000Z Updated: 2024-08-06T19:50:05.178Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/75937 http://www.securitytracker.com/id?1027103 http://www.debian.org/security/2012/dsa-2493 http://www.securityfocus.com/bid/53723 http://downloads.asterisk.org/pub/security/AST-2012-008.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2186`	vulnerable	2026-06-03 14:31:46.822408	Details available Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Published: 2012-08-31T14:00:00.000Z Updated: 2024-08-06T19:26:08.975Z Open on db.gcve.eu Reference links http://secunia.com/advisories/50687 http://secunia.com/advisories/50756 http://www.debian.org/security/2012/dsa-2550 http://downloads.asterisk.org/pub/security/AST-2012-012.html http://www.securitytracker.com/id?1027460	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.