Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Certified_asterisk
(Digium)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 51 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-04-15 | CVE-2022-26651 | An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. This is fixed in 16.25.2, 18.11.2, and 19.3.2, and 16.8-cert14. | Debian_linux, Asterisk, Certified_asterisk | 9.8 | ||
2019-11-22 | CVE-2019-18610 | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. | Debian_linux, Asterisk, Certified_asterisk | 8.8 |