What the vulnerability does

01Description

Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied

Key dates

02Disclosure timeline

February 16, 2022 CVE published
November 4, 2025 Record updated