Resiprocate vulnerabilities
5 known vulnerabilities affecting resiprocate/resiprocate.
Total CVEs
5
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-12584P2CRITICALCVSS 9.8PoC≤ 1.10.22018-07-16
CVE-2018-12584 [CRITICAL] CWE-120 CVE-2018-12584: The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate throu
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.
nvd
CVE-2017-11521P3HIGHCVSS 7.5PoCv1.10.22017-07-22
CVE-2017-11521 [HIGH] CWE-400 CVE-2017-11521: The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.
The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections.
nvd
CVE-2008-3210P4MEDIUMCVSS 5.0PoCv1.3.22008-07-18
CVE-2008-3210 [MEDIUM] CWE-20 CVE-2008-3210: rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a den
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.
nvd
CVE-2017-9454P4HIGHCVSS 7.5≤ 1.10.2v1.11.0+1 more2017-08-18
CVE-2017-9454 [HIGH] CWE-125 CVE-2017-9454: Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate befor
Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.
nvd
CVE-2008-3199P4HIGHCVSS 7.8≤ 1.3.3v1.3.0+2 more2008-07-17
CVE-2008-3199 [HIGH] CWE-20 CVE-2008-3199: Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a d
Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/bytes-on-wire ratio."
nvd