CVE-2020-13901

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-13901
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-13901.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-13901
Downstream
Published
2020-06-10T22:15:11.467Z
Modified
2025-11-14T10:40:30.142675Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janussdpmerge in sdp.c has a stack-based buffer overflow.

References

Affected packages

Git / github.com/meetecho/janus-gateway

Affected ranges

Type
GIT
Repo
https://github.com/meetecho/janus-gateway
Events
Introduced
6435c70839f1f1abe72f4e9ff0091f09ded8ef15
Last affected
30316fb78720bcf3b12cecea314e16a93915128a

Affected versions

v0.*
v0.10.0
v0.3.0
v0.3.1
v0.4.0-broken
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.5.0
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.8.0
v0.8.1
v0.8.2
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-13901.json"