FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Asterisk -- multiple vulnerabilities

Affected packages
asterisk18 < 18.15.1

Details

VuXML ID 8dd438ed-a338-11ed-b48b-589cfc0f81b0
Discovery 2022-12-01
Entry 2023-02-02

The Asterisk project reports:

AST-2022-007: Remote Crash Vulnerability in H323 channel add on

AST-2022-008: Use after free in res_pjsip_pubsub.c

AST-2022-009: GetConfig AMI Action can read files outside of Asterisk directory

References

CVE Name CVE-2022-37325
CVE Name CVE-2022-42705
CVE Name CVE-2022-42706
URL https://downloads.asterisk.org/pub/security/AST-2022-007.html
URL https://downloads.asterisk.org/pub/security/AST-2022-008.html
URL https://downloads.asterisk.org/pub/security/AST-2022-009.html