Latest digium certified asterisk Vulnerabilities

● CVE-2022-26651

An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL qu...

Digium Asterisk>=16.0.0<16.25.2

Digium Asterisk>=18.0<18.11.2

Digium Asterisk>=19.0.0<19.3.2

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

Digium Certified Asterisk=16.8-cert1-rc2

and 21 more

● CVE-2021-32558

An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver ...

debian/asterisk<=1:16.2.1~dfsg-1+deb10u2

Digium Asterisk>=13.0.0<13.38.3

Digium Asterisk>=16.0.0<16.19.1

Digium Asterisk>=17.0.0<17.9.4

Digium Asterisk>=18.0.0<18.15.1

Digium Certified Asterisk=16.8

and 18 more

● CVE-2021-26713

A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebR...

Digium Asterisk>=16.0.0<16.16.1

Digium Asterisk>=17.0.0<17.9.2

Digium Asterisk>=18.0.0<18.2.1

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

Digium Certified Asterisk=16.8-cert1-rc2

and 10 more

● CVE-2021-26712

Incorrect access controls in res_srtp.c in Sangoma Asterisk 13.38.1, 16.16.0, 17.9.1, and 18.2.0 and Certified Asterisk 16.8-cert5 allow a remote unauthenticated attacker to prematurely terminate secu...

Digium Asterisk>=13.0.0<=13.38.2

Digium Asterisk>=16.0.0<16.16.1

Digium Asterisk>=17.0.0<17.9.2

Digium Asterisk>=18.0<18.2.1

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

and 11 more

● CVE-2021-26906

An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16...

Digium Asterisk>=13.0.0<13.38.2

Digium Asterisk>=16.0.0<16.16.1

Digium Asterisk>=17.0.0<17.9.2

Digium Asterisk>=18.0<18.2.1

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

and 11 more

● CVE-2021-26717

An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remot...

Digium Asterisk>=16.0.0<16.16.1

Digium Asterisk>=17.0.0<17.9.2

Digium Asterisk>=18.0<18.2.1

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

Digium Certified Asterisk=16.8-cert1-rc2

and 10 more

● CVE-2020-28327

A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon re...

Asterisk Open Source>=13.0.0<13.37.1

Asterisk Open Source>=16.0.0<16.14.1

Asterisk Open Source>=17.0.0<17.8.1

Asterisk Open Source>=18.0.0<18.0.1

Digium Certified Asterisk=16.8

Digium Certified Asterisk=16.8-cert1-rc1

and 10 more

● CVE-2019-18610

An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without...

Digium Asterisk>=13.0.0<13.29.2

Digium Asterisk>=16.0.0<16.6.2

Digium Asterisk>=17.0.0<17.0.1

Digium Certified Asterisk=13.21.0

Digium Certified Asterisk=13.21.0-cert1

Digium Certified Asterisk=13.21.0-cert2

and 5 more

● CVE-2019-18790

An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent...

Digium Asterisk>=13.0.0<13.29.2

Digium Asterisk>=16.0.0<16.6.2

Digium Asterisk>=17.0.0<17.0.1

Digium Certified Asterisk=13.21.0

Digium Certified Asterisk=13.21.0-cert1

Digium Certified Asterisk=13.21.0-cert2

and 5 more

● CVE-2019-18976

An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line ...

Digium Asterisk>=13.0.0<=13.29.1

Digium Certified Asterisk=13.21

Digium Certified Asterisk=13.21-cert1

Digium Certified Asterisk=13.21-cert2

Digium Certified Asterisk=13.21-cert3

Digium Certified Asterisk=13.21-cert4

and 1 more

● CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip wh...

Digium Certified Asterisk=1.8.0.0

Digium Certified Asterisk=1.8.0.0-beta1

Digium Certified Asterisk=1.8.0.0-beta2

Digium Certified Asterisk=1.8.0.0-beta3

Digium Certified Asterisk=1.8.0.0-beta4

Digium Certified Asterisk=1.8.0.0-beta5

and 211 more

● CVE-2018-17281

There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. I...

debian/asterisk<=1:13.22.0~dfsg-2<=1:13.14.1~dfsg-1

Digium Asterisk>=13.0.0<=13.23.0

Digium Asterisk>=14.0.0<=14.7.7

Digium Asterisk>=15.0.0<=15.6.0

Digium Certified Asterisk=11.6-cert12

Digium Certified Asterisk=11.6-cert13

and 29 more

● CVE-2018-12227

An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. ...

debian/asterisk

Digium Asterisk>=13.0.0<13.21.1

Digium Asterisk>14.0.0<14.7.7

Digium Asterisk>=15.0.0<15.4.1

Digium Certified Asterisk=13.18-cert1

Digium Certified Asterisk=13.18-cert2

and 3 more

Latest digium certified asterisk Vulnerabilities

Company

Resources

Contact