CVE-2020-35776

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-35776
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-35776.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-35776
Downstream
Published
2021-02-18T20:15:12.447Z
Modified
2026-03-20T11:37:14.566001Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A buffer overflow in respjsipdiversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events
Introduced
85335355efb2d7914a1fe20ed31afcef15fd210c
Last affected
3f100c22d4664012247efed391c595833a15d7ee
Introduced
a65908f83e2f17a3aca7eb39c8e06045aca02674
Last affected
105df4b089e19c7e296d425965623f3428720cd1
Introduced
5ffe12b6ef30cd503f85d75745fd8d9c2cfafe47
Last affected
1edb44b2a9e6d68cfccf4339044751c8830e1d14
Introduced
2c1bba3cbec008c8ce35c78a2c79f9f207ea58bc
Last affected
fd5b3a1b6f686db27f98281ec21a9c8fb04a787c
Database specific 
{
    "versions": [
        {
            "introduced": "13.0.0"
        },
        {
            "last_affected": "13.38.1"
        },
        {
            "introduced": "16.0.0"
        },
        {
            "last_affected": "16.15.1"
        },
        {
            "introduced": "17.0.0"
        },
        {
            "last_affected": "17.9.1"
        },
        {
            "introduced": "18.0"
        },
        {
            "last_affected": "18.1.1"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-35776.json"