{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T19:46:17.310","vulnerabilities":[{"cve":{"id":"CVE-2025-57767","sourceIdentifier":"security-advisories@github.com","published":"2025-08-28T16:15:35.410","lastModified":"2025-10-20T17:51:12.860","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header with an incorrect realm was received without a previous 401 response being sent, the get_authorization_header() function in res_pjsip_authenticator_digest will return a NULL. This wasn't being checked before attempting to get the digest algorithm from the header which causes a SEGV. This issue has been patched in versions 20.15.2, 21.10.2, and 22.5.2. There are no workarounds."},{"lang":"es","value":"Asterisk es una centralita privada y un kit de herramientas de telefonía de código abierto. Antes de las versiones 20.15.2, 21.10.2 y 22.5.2, si se recibe una solicitud SIP con una cabecera de autorización que contiene un *realm* que no estaba en la cabecera WWW-Authenticate de una respuesta 401 anterior, o si se recibe una cabecera de autorización con un *realm* incorrecto sin que se haya enviado una respuesta 401 anterior, la función 'get_authorization_header()' en 'res_pjsip_authenticator_digest' devolverá un valor NULL. Esto no se estaba verificando antes de intentar obtener el algoritmo de *digest* de la cabecera, lo que provoca un SEGV. Este problema ha sido parcheado en las versiones 20.15.2, 21.10.2 y 22.5.2. No hay soluciones alternativas."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-253"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*","versionEndExcluding":"20.15.2","matchCriteriaId":"3B5E2999-8025-49CD-8667-A65ABD7F008F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.10.2","matchCriteriaId":"F46E463F-50A4-46C8-85EE-A60428426BD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.5.2","matchCriteriaId":"B2B756F9-32E5-4A5C-A25A-9FE9364B0BAB"}]}]}],"references":[{"url":"https://github.com/asterisk/asterisk/commit/02993717b08f899d4aca9888062f35dfb198584f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/asterisk/asterisk/pull/1407","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-64qc-9x89-rx5j","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}