GCVE - cpe:2.3:a:digium:certified_asterisk:1.8.28:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:digium:certified_asterisk:1.8.28:-:*:*:*:*:*:*

part: a version: 1.8.28 update: -

Vendor	Digium (`05ad29b7-5b41-56d5-935d-a279ab7f14bc`)
Product	Certified Asterisk (`28acf01c-dbb1-5902-9616-b4c28682b220`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:asterisk/telephony/certified-asterisk`	purl2cpe	2026-06-01 10:15:42.119236
`pkg:github/asterisk/asterisk`	purl2cpe	2026-06-01 10:15:42.119238

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2016-2316`	vulnerable	2026-06-08 05:07:34.129796	Details available chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values. Published: 2016-02-22T15:05:00.000Z Updated: 2024-08-05T23:24:48.520Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/82651 http://www.securitytracker.com/id/1034930 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177409.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177422.html http://www.debian.org/security/2016/dsa-3700	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.