pkg:Debian/asterisk

All known vulnerabilities

• CRITICAL9.8CVE-2026-40892PJSIP is a free and open source multimedia communication library written in C.
  from 0
• CRITICAL9.8CVE-2026-32945PJSIP is a free and open source multimedia communication library written in C.
  from 0
• CRITICAL9.8CVE-2026-25994PJSIP is a free and open source multimedia communication library written in C.
  from 0
• CRITICAL9.8Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function.
  from 0
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages.
  from 0, < 1:16.28.0~dfsg-0+deb11u4
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb10u2
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.8An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8Buffer overflow in PJSUA API when calling pjsua_call_dump.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8Stack overflow in PJSUA API when calling pjsua_playlist_create.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8Stack overflow in PJSUA API when calling pjsua_recorder_create.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8Stack overflow in PJSUA API when calling pjsua_player_create.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb10u1
• CRITICAL9.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.8asterisk - security update
  from 0, < 1:1.8.13.1~dfsg1-3+deb7u7
• CRITICAL9.8asterisk - security update
  from 0, < 1:13.17.1~dfsg-1
• CRITICAL9.1PJSIP is a free and open source multimedia communication library written in C.
  from 0
• CRITICAL9.1PJSIP is a free and open source multimedia communication library written in C.
  from 0
• CRITICAL9.1PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• CRITICAL9.1An SSRF issue was discovered in Asterisk through 19.x.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.1Read out-of-bounds in PJSUA API when calling pjsua_recorder_create.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.1PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.1PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• CRITICAL9.1PJSIP is a free and open source multimedia communication library.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH8.8PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH8.8Asterisk is an open source private branch exchange and telephony toolkit.
  from 0, < 1:16.28.0~dfsg-0+deb11u9
• HIGH8.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u5
• HIGH8.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u5
• HIGH8.8asterisk - security update
  from 0, < 1:16.10.0~dfsg-1
• HIGH8.8asterisk - security update
  from 0, < 1:11.13.1~dfsg-2+deb8u7
• HIGH8.8A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Aste…
  from 0, < 1:13.18.1~dfsg-1
• HIGH8.8Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.1…
  from 0, < 1:13.14.1~dfsg-1
• HIGH8.2asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u4
• HIGH8.2asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb10u4
• HIGH8.2asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u4
• HIGH8.1PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH7.8Asterisk is an open source private branch exchange and telephony toolkit.
  from 0, < 1:16.28.0~dfsg-0+deb11u9
• HIGH7.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u8
• HIGH7.8asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u8
• HIGH7.8Asterisk is an open-source private branch exchange (PBX).
  from 0, < 1:16.28.0~dfsg-0+deb11u7
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0
• HIGH7.5Asterisk is an open source private branch exchange and telephony toolkit.
  from 0, < 1:16.28.0~dfsg-0+deb11u4
• HIGH7.5ring - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u3
• HIGH7.5ring - security update
  from 0, < 1:16.28.0~dfsg-0+deb10u3
• HIGH7.5ring - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u3
• HIGH7.5In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/sr…
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH7.5An issue was discovered in Asterisk through 19.x.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH7.5pjproject - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH7.5PJSIP is a free and open source multimedia communication library written in C.
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• HIGH7.5asterisk - security update
  from 0, < 1:13.14.1~dfsg-2+deb9u5
• HIGH7.5asterisk - security update
  from 0, < 1:16.16.1~dfsg-1+deb11u1
• HIGH7.5asterisk - security update
  from 0, < 1:16.16.1~dfsg-1+deb11u1
• HIGH7.5An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 1…
  from 0, < 1:16.16.1~dfsg-1
• HIGH7.5An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x.
  from 0, < 1:16.1.1~dfsg-1
• HIGH7.5asterisk allows calls on prohibited networks
  from 0, < 1:1.6.2.0~rc3-2
• HIGH7.5asterisk 13.10.0 is affected by: denial of service issues in asterisk.
  from 0, < 1:13.11.2~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:13.23.1~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:11.13.1~dfsg-2+deb8u6
• HIGH7.5A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk th…
  from 0, < 1:13.20.0~dfsg-1
• HIGH7.5An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older.
  from 0, < 1:13.18.5~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:13.18.3~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:1.8.13.1~dfsg1-3+deb7u8
• HIGH7.5asterisk - security update
  from 0, < 1:11.13.1~dfsg-2+deb8u5
• HIGH7.5asterisk - security update
  from 0, < 1:13.17.2~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:11.13.1~dfsg-2+deb8u4
• HIGH7.5asterisk - security update
  from 0, < 1:13.17.1~dfsg-1
• HIGH7.5asterisk - security update
  from 0, < 1:11.13.1~dfsg-2+deb8u3
• HIGH7.5In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To,…
  from 0, < 1:13.17.1~dfsg-1
• HIGH7.5A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 be…
  from 0, < 1:13.14.1~dfsg-2
• HIGH7.5chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-…
  from 0, < 1:13.11.2~dfsg-1
• HIGH7.5The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0…
  from 0, < 1:1.4.9~dfsg-1
• HIGH7.3PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, S…
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• MEDIUM6.5PJSIP is a free and open source multimedia communication library.
  from 0
• MEDIUM6.5Asterisk is an open source private branch exchange and telephony toolkit.
  from 0, < 1:16.28.0~dfsg-0+deb11u9
• MEDIUM6.5Asterisk is an open source private branch exchange and telephony toolkit.
  from 0, < 1:16.28.0~dfsg-0+deb11u8
• MEDIUM6.5asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u7
• MEDIUM6.5asterisk - security update
  from 0, < 1:16.28.0~dfsg-0+deb11u7
• MEDIUM6.5A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated at…
  from 0, < 1:16.28.0~dfsg-0+deb11u2
• MEDIUM6.5res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7…
  from 0, < 1:16.28.0~dfsg-0+deb11u1
• MEDIUM6.5A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to cras…
  from 0, < 1:16.16.1~dfsg-1
• MEDIUM6.5An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0,…
  from 0, < 1:16.15.1~dfsg-1
• MEDIUM6.5An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Ce…
  from 0, < 1:16.15.0~dfsg-1
• MEDIUM6.5An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Cer…
  from 0, < 1:16.10.0~dfsg-1
• MEDIUM6.5res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined str…
  from 0, < 1:16.10.0~dfsg-1
• MEDIUM6.5Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authentic…
  from 0, < 1:16.2.1~dfsg-2
• MEDIUM6.5An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 a…
  from 0, < 1:16.2.1~dfsg-1
• MEDIUM6.5An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cer…
  from 0, < 1:13.20.0~dfsg-1
• MEDIUM6.5Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 1…
  from 0, < 1:13.7.2~dfsg-1