Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-p4m7-21w6-cqep
Vulnerability ID VCID-p4m7-21w6-cqep
Aliases CVE-2022-24793
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
System Score Found at
epss 0.00566 https://api.first.org/data/v1/epss?cve=CVE-2022-24793
cvssv3.1 7.5 https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
ssvc Track https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
cvssv3.1 7.5 https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
ssvc Track https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
ssvc Track https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
ssvc Track https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
ssvc Track https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
cvssv3.1 7.5 https://security.gentoo.org/glsa/202210-37
ssvc Track https://security.gentoo.org/glsa/202210-37
cvssv3.1 7.5 https://www.debian.org/security/2022/dsa-5285
ssvc Track https://www.debian.org/security/2022/dsa-5285
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-24793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
1014976 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
1014998 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
dsa-5285 https://www.debian.org/security/2022/dsa-5285
GHSA-p6g5-v97c-w5q4 https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
GLSA-202210-37 https://security.gentoo.org/glsa/202210-37
msg00021.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
msg00038.html https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
msg00047.html https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
USN-6422-1 https://usn.ubuntu.com/6422-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202210-37
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://security.gentoo.org/glsa/202210-37
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2022/dsa-5285
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/ Found at https://www.debian.org/security/2022/dsa-5285
Exploit Prediction Scoring System (EPSS)
Percentile 0.68779
EPSS Score 0.00566
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T09:40:37.258343+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.21/main.json 38.6.0