ALPINE-CVE-2022-21722

See a problem?
Please try reporting it to the source first.

Source

https://security.alpinelinux.org/vuln/CVE-2022-21722

Import Source

https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2022-21722.json

JSON Data

https://api.osv.dev/v1/vulns/ALPINE-CVE-2022-21722

Upstream

CVE-2022-21722

Published

2022-01-27T00:15:07.653Z

Modified

2025-11-19T06:19:46.914484Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the master branch. There are no known workarounds.

References

https://security.alpinelinux.org/vuln/CVE-2022-21722

Affected packages

Alpine:v3.16

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.17

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.18

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.19

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.20

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.21

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2

Alpine:v3.22

pjproject

Package

Name: pjproject
Purl: pkg:apk/alpine/pjproject?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12-r0

Affected versions

1.*

1.0.1-r0

1.4-r0

1.4-r1

1.6-r0

1.6-r1

1.6-r2

1.10-r0

2.*

2.0-r0

2.1-r0

2.2-r0

2.2.1-r0

2.3-r0

2.4-r0

2.4.5-r0

2.5.5-r0

2.5.5-r1

2.5.5-r2

2.5.5-r3

2.5.5-r4

2.7.2-r0

2.7.2-r1

2.7.2-r2

2.7.2-r3

2.7.2-r4

2.8-r0

2.9-r0

2.11-r0

2.11.1-r0

2.11.1-r1

2.11.1-r2