Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

PJSIP_HEADER dialplan function can overwrite memory/cause crash when using ‘update’ (GHSA-98rc-4j27-74hh)

December 20, 2023

PJSIP logging allows attacker to inject fake Asterisk log entries (GHSA-5743-x3p5-3rg7)

December 20, 2023

Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation (GHSA-hxj9-xwr8-w8pq)

December 20, 2023

Path traversal via AMI GetConfig allows access to outside files (GHSA-8857-hfmw-vg8f)

December 20, 2023

Heap buffer overflow when decoding STUN message in pjproject (GHSA-4xjp-22g4-9fxm)

July 7, 2023

What can we help you find?