Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-12207

Опубликовано: 27 окт. 2025
Источник: ubuntu
Приоритет: medium
CVSS2: 1.7
CVSS3: 3.3

Описание

A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The actual existence of this vulnerability is currently in question. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

jammy

needs-triage

noble

needs-triage

plucky

ignored

end of life, was needs-triage
questing

needs-triage

Показывать по

Ссылки на источники

1.7 Low

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-12207

CVSS3: 3.3
nvd
3 месяца назад

A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The actual existence of this vulnerability is currently in question. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.

debian логотип

CVE-2025-12207

CVSS3: 3.3
debian
3 месяца назад

A vulnerability has been found in Kamailio 5.5. This affects the funct ...

github логотип

GHSA-c7cc-4r75-qhxm

CVSS3: 3.3
github
3 месяца назад

A vulnerability has been found in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

1.7 Low

CVSS2

3.3 Low

CVSS3