ГлавнаяУязвимости → CVE-2026-32942
8.1высокая

CVE-2026-32942

Описание

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17.

Затрагиваемое ПО
Pjsip Pjsip
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/pjsip/pjproject/commit/c9caceddabda7f18337b2a82d25d65f6224b450ahttps://github.com/pjsip/pjproject/issues/1451https://github.com/pjsip/pjproject/security/advisories/GHSA-g88q-c2hm-q7p7