CVE-2021-43610

HIGH

Belledonne Belle-sip <5.0.20 - DoS

Title source: llm

Description

Belledonne Belle-sip before 5.0.20 can crash applications such as Linphone via an invalid From header (request URI without a parameter) in an unauthenticated SIP message, a different issue than CVE-2021-33056.

References (2)

[Patch, Third Party Advisory] https://github.com/BelledonneCommunications/belle-sip/commit/d3f0651531e45e91c2e60f3a16a8b612802e5d2d

View Patch ZIP pw:eip

[Patch, Third Party Advisory] https://github.com/BelledonneCommunications/belle-sip/compare/5.0.18...5.0.20

Scores

CVSS v3 7.5

EPSS 0.0053

EPSS Percentile 67.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-444

Status published

Products (1)

linphone/belle-sip < 5.0.20

Published Nov 12, 2021

Tracked Since Feb 18, 2026