Sangoma Certified_asterisk
15 CVEs affecting Sangoma Certified_asterisk. Latest disclosed: 2026-02-06. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-1131 | High | 7.8 | 2025-09-23 | A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. When Asterisk is started via this scr… |
CVE-2025-47780 | High | 7.8 | 2025-05-22 | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-… |
CVE-2025-47779 | High | 7.7 | 2025-05-22 | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-… |
CVE-2023-49786 | High | 7.5 | 2023-12-14 | Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-aster… |
CVE-2023-37457 | High | 7.5 | 2023-12-14 | Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceri… |
CVE-2025-54995 | Medium | 6.5 | 2025-08-28 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can l… |
CVE-2025-49832 | Medium | 6.5 | 2025-08-01 | Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21… |
CVE-2022-42705 | Medium | 6.5 | 2022-12-05 | A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Aste… |
CVE-2024-42491 | Medium | 5.7 | 2024-09-05 | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of… |
CVE-2023-49294 | Medium | 4.9 | 2023-12-14 | Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-aster… |
CVE-2022-42706 | Medium | 4.9 | 2022-12-05 | An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk… |
CVE-2026-23738 | Low | 3.5 | 2026-02-06 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/con… |
CVE-2026-23739 | Low | 2.0 | 2026-02-06 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the ast_xml_open(… |
CVE-2026-23741 | Unrated | | 2026-02-06 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/cont… |
CVE-2026-23740 | Unrated | | 2026-02-06 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when ast_coredump… |