QwikSec

Security Database

CVE

CWE

Training

CVE-2021-43303

Published: Feb 16, 2022

Modified: Nov 4, 2025

PUBLISHED

Description

Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

Vendor	Product	Versions
teluu	pjsip	affected `unspecified - <= 2.11.1`

Weaknesses (CWE)

References

https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9

[debian-lts-announce] 20220328 [SECURITY] [DLA 2962-1] pjproject security update

mailing-list

[debian-lts-announce] 20221117 [SECURITY] [DLA 3194-1] asterisk security update

mailing-list

vendor-advisory

[debian-lts-announce] 20230829 [SECURITY] [DLA 3549-1] ring security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.