CVE-2024-53566

An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal.

References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type

GIT

Repo

https://github.com/asterisk/asterisk

Events

Introduced

Last affected

8e4a09f71162ebc1e4bb2159dfc638aa2328047c

Introduced

Last affected

31b8dc09238d916be18d93dc7dda30711e636c17

Introduced

Last affected

7c1687ba12c7a16c53d3a169eb997fae74c6037e

Introduced

Last affected

4473ed52563f683c45637919f9b4330457a33814

Introduced

Last affected

affbc6907eb544bc6e049085de91002ca24ff930

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "22.0.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "22.0.0-pre1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "22.0.0-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "22.0.0-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "11.0"
        }
    ]
}

Affected versions

22.*

22.0.0

22.0.0-pre1

22.0.0-rc1

22.0.0-rc2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53566.json"