{"vulnerability": "cve-2023-38703", "sightings": [{"uuid": "f617b83d-60d8-4043-bcc4-9f9c5e472ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38703", "type": "seen", "source": "https://t.me/cibsecurity/71732", "content": "\u203c CVE-2023-38703 \u203c\n\nPJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability\u00e2\u20ac\u2122s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T18:13:46.000000Z"}]}