Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17.
2025-08-28T15:16:02.500
2025-11-03T18:17:00.357
Modified
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sangoma | asterisk | < 18.26.4 | Yes |
| Application | sangoma | certified_asterisk | < 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |
| Application | sangoma | certified_asterisk | 18.9 | Yes |