Skip to main content

Belle Sip

3 CVEs product

Monthly

CVE-2021-43611 HIGH PATCH This Week

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the display name of a From header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Belle Sip
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-43610 HIGH PATCH This Week

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Denial Of Service Belle Sip
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-33056 HIGH PATCH This Week

Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Denial Of Service Belle Sip
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via " \ " in the display name of a From header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Belle Sip
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Denial Of Service Belle Sip
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Denial Of Service Belle Sip
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy