Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

Heap buffer overflow when decoding STUN message in pjproject (GHSA-4xjp-22g4-9fxm)

July 7, 2023

https://github.com/asterisk/asterisk/security/advisories/GHSA-4xjp-22g4-9fxm

https://github.com/asterisk/asterisk/issues/188

AST-2022-009: GetConfig AMI Action can read files outside of Asterisk directory

December 1, 2022

http://downloads.asterisk.org/pub/security/AST-2022-009.html

http://issues.asterisk.org/jira/browse/ASTERISK-30176

AST-2022-008: Use after free in res_pjsip_pubsub.c

December 1, 2022

https://downloads.asterisk.org/pub/security/AST-2022-008.html

https://issues.asterisk.org/jira/browse/ASTERISK-30244

AST-2022-007: Remote Crash Vulnerability in H323 channel add on

December 1, 2022

https://downloads.asterisk.org/pub/security/AST-2022-007.html

https://issues.asterisk.org/jira/browse/ASTERISK-30103

AST-2022-001: res_stir_shaken – Resource exhaustion with large files

April 14, 2022

https://downloads.asterisk.org/pub/security/AST-2022-001.html

https://issues.asterisk.org/jira/browse/ASTERISK-29872