vulnerability
FreeBSD: VID-8DD438ED-A338-11ED-B48B-589CFC0F81B0 (CVE-2022-37325): Asterisk -- multiple vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Dec 1, 2022 | Feb 4, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Dec 1, 2022
Added
Feb 4, 2023
Modified
Jan 28, 2025
Description
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.
Solution
freebsd-upgrade-package-asterisk18
References

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.