Aggregates CVE and security vulnerability intelligence across all resiprocate-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk input validation and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-12584 | The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled. | [email protected] | 9.8 | 25.19% | 2018-07-16 | 2024-11-21 |
| CVE-2017-9454 | Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response. | [email protected] | 7.5 | 0.79% | 2017-08-18 | 2026-05-13 |
| CVE-2017-11521 | The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections. | [email protected] | 7.5 | 1.63% | 2017-07-22 | 2026-05-13 |
| CVE-2008-3210 | rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error. | [email protected] | 5.0 | 13.04% | 2008-07-18 | 2026-04-23 |
| CVE-2008-3199 | Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/bytes-on-wire ratio." | [email protected] | 7.8 | 0.66% | 2008-07-17 | 2026-04-23 |