Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

pjproject — Vulnerabilities & Security Advisories 37

All 37 CVE vulnerabilities found in pjproject, with AI-generated Chinese analysis, references, and POCs.

This page details known vulnerability aggregations for the pjproject library, a widely used open-source multimedia communication library often categorized under weakness types such as buffer overflows, memory corruption, and improper input validation. It systematically collects and organizes security issues affecting pjproject, covering advisory releases and public disclosures from the early 2000s through recent years up to the current date. By reviewing this curated data, users can efficiently track vendor security advisories to stay informed about critical patches and updates, gain a deeper understanding of specific weakness classes prevalent in this codebase, and examine the complete vulnerability history of the product to assess long-term security postures. The content is structured to help developers and system administrators identify patterns in reported flaws, understand the root causes of common exploitation vectors, and prioritize remediation efforts based on historical impact and severity. This resource serves as a centralized reference point for analyzing security trends specific to pjproject without requiring extensive manual search across multiple disparate sources. The aggregation includes details on affected versions, patch availability, and contextual risk assessments to facilitate informed decision-making regarding software maintenance and deployment strategies in environments relying on this multimedia framework.

Vendor: pjsip

CVE IDTitleCVSSSeverityPublished
CVE-2026-42225 GnuTLS backend silently skips certificate chain verification when verify_peer is false CWE-295 7.5AIHighAI2026-05-07
CVE-2026-41416 PJSIP: Asymmetric ptime integer overflow in Media Stream CWE-190 7.5AIHighAI2026-04-24
CVE-2026-41415 PJSIP: SIP Multipart CID URI Length Underflow CWE-125 9.1AICriticalAI2026-04-24
CVE-2026-40892 PJSIP: Stack buffer overflow in pjsip_auth_create_digest2() CWE-121 9.8AICriticalAI2026-04-21
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding CWE-122 7.5AIHighAI2026-04-21
CVE-2026-34235 PJSIP: Heap OOB read in VPX unpacketizer CWE-125 9.1AICriticalAI2026-03-31
CVE-2026-33069 PJSIP has an Out-of-bounds Read in SIP multipart parsing CWE-125 9.1 -2026-03-20
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser CWE-122 9.1 -2026-03-20
CVE-2026-32942 PJSIP has ICE session use-after-free race conditions CWE-416 8.1 -2026-03-20
CVE-2026-28799 PJSIP: Heap use-after-free in PJSIP presence subscription termination handler CWE-416 9.8 -2026-03-06
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser CWE-121 7.5 -2026-03-06
CVE-2026-26967 PJSIP has a Heap-based Buffer Overflow vulnerability in its H.264 unpacketizer CWE-122 9.8 -2026-02-20
CVE-2026-25994 PJSIP has a heap buffer overflow in ICE with long username CWE-120 9.8AICriticalAI2026-02-11
CVE-2025-65102 PJSIP is vulnerable to buffer overflow in Opus PLC CWE-120 6.5 -2025-11-21
CVE-2023-38703 PJSIP has use-after-free vulnerability in SRTP media transport CWE-416 9.8 Critical2023-10-06
CVE-2023-27585 PJSIP 安全漏洞 CWE-122 7.5 High2023-03-14
CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message CWE-122 6.5 Medium2022-12-23
CVE-2022-23537 PJSIP vulnerable to heap buffer overflow when decoding STUN message CWE-122 6.5 Medium2022-12-20
CVE-2022-39244 Buffer overflow in pjlib scanner and pjmedia CWE-120 7.5 High2022-10-06
CVE-2022-39269 Media transport downgrade from the secure version (SRTP) to non-secure (RTP) in pjsip CWE-319 9.1 Critical2022-10-06
CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client CWE-120 9.8 Critical2022-06-07
CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP CWE-835 7.5 High2022-04-25
CVE-2022-24793 Potential heap buffer overflow when parsing DNS packets in PJSIP CWE-120 7.5 High2022-04-06
CVE-2022-24786 Potential out-of-bound read/write in PJSIP CWE-125 9.8 Critical2022-04-06
CVE-2022-24763 Infinite Loop in PJSIP CWE-835 7.5 High2022-03-30
CVE-2022-24764 Stack buffer overflow in pjproject CWE-120 7.5 High2022-03-22
CVE-2022-24754 Buffer overflow in pjsip CWE-120 8.5 High2022-03-11
CVE-2022-23608 Use after free in PJSIP CWE-416 8.1 High2022-02-22
CVE-2022-21723 Out-of-bounds read in multipart parsing in PJSIP CWE-125 9.1 Critical2022-01-27
CVE-2022-21722 Potential out-of-bound read during RTP/RTCP parsing in PJSIP CWE-125 9.1 Critical2022-01-27

All 37 known CVE vulnerabilities affecting pjproject with full Chinese analysis, references, and POCs where available.