Dhkts1

**Name of the Vulnerable Software and Affected Versions** PJSIP versions prior to 2.17 **Description** An out-of-bounds read occurs when parsing a malformed Content-ID URI in a SIP multipart message body. This is caused by insufficient length validation, which allows reads to extend beyond the intended buffer bounds. **Recommendations** Update to version 2.17.

**Name of the Vulnerable Software and Affected Versions** PJSIP versions prior to 2.17 **Description** An integer overflow occurs in the media stream buffer size calculation when processing Session Description Protocol (SDP) with asymmetric ptime configuration. This overflow can lead to an undersized buffer allocation, potentially resulting in memory corruption or unexpected application termination. **Recommendations** Update to version 2.17.

**Name of the Vulnerable Software and Affected Versions** PJSIP versions 2.16 and below **Description** PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free issue in the ICE session. This occurs when race conditions happen between session destruction and callbacks. **Recommendations** Update to version 2.17 or later.