CVE-2021-32611 — Vulnetix

CVE-2021-32611 PUBLISHED

A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses.

EPSS 0.34% · 56.7th percentile

Risk Scores

EPSS Score

0.34%

56.7th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	libexosip2	0, 4.1.0-2.1ubuntu1, 4.1.0-2.2~build1
Ubuntu:16.04:LTS	libexosip2	0, 4.1.0-2

Exploit Intelligence

http://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=f2ed389fe84613512cc560127883e51e6cf8c054 (circl)

Timeline

May 12, 2021 CVE Published
May 13, 2021 EPSS Score
Jul 16, 2021 EPSS Score
Sep 15, 2021 EPSS Score
Nov 16, 2021 EPSS Score
Jan 17, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 20, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 22, 2022 EPSS Score
Sep 22, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2021-32611 third-party-advisory
http://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=f2ed389fe84613512cc560127883e51e6cf8c054 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2021-32611 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›