CVE-2023-27597
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-27597
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27597.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-27597
- Aliases
-
- GHSA-358f-935m-7p9c
- Downstream
- Published
- 2023-03-15T20:17:20.536Z
- Modified
- 2025-12-04T23:44:45.014036Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- OpenSIPS has vulnerability in the parse_uri() function
- Details
-
OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function
rewrite_ruri, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the functionsetport. This issue has been fixed in version 3.1.8 and 3.2.5. - Database specific
{ "cwe_ids": [ "CWE-20" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/27xxx/CVE-2023-27597.json", "cna_assigner": "GitHub_M" }- References