Vulnerabilities > Asterisk > Certified Asterisk > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-30 | CVE-2021-46837 | NULL Pointer Dereference vulnerability in multiple products res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. | 6.5 |
| 2020-11-06 | CVE-2020-28242 | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. | 6.5 |