Package Instance

reference_id

dsa-5285

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62

reference_url

reference_id

GHSA-ffff-m5fm-qm62

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_id

msg00035.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html

reference_id

msg00040.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/

url

https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-23608

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48pt-6j6q-jbcn

url VCID-5yue-52xt-ryhw

vulnerability_id VCID-5yue-52xt-ryhw

summary An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.

references

reference_url	http://downloads.asterisk.org/pub/security/AST-2019-007.html
reference_id
reference_type
scores
url	http://downloads.asterisk.org/pub/security/AST-2019-007.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-18610

reference_id

reference_type

scores

value	0.41891
scoring_system	epss
scoring_elements	0.97439
published_at	2026-04-24T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.9744
published_at	2026-04-18T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97401
published_at	2026-04-01T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97408
published_at	2026-04-02T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97412
published_at	2026-04-04T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97415
published_at	2026-04-07T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97421
published_at	2026-04-08T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97423
published_at	2026-04-09T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97425
published_at	2026-04-11T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97427
published_at	2026-04-13T12:55:00Z

value	0.41891
scoring_system	epss
scoring_elements	0.97435
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-18610

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18610
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18610

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html

reference_url	https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html

reference_url	https://www.asterisk.org/downloads/security-advisories
reference_id
reference_type
scores
url	https://www.asterisk.org/downloads/security-advisories

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947377
reference_id	947377
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947377

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk::::::::
reference_id	cpe:2.3:a:digium:asterisk::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:::::::*
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert1::::::
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:cert1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert2::::::
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:cert2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert3::::::
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:cert3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert4::::::
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:cert4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:cert4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:rc1::::::
reference_id	cpe:2.3:a:digium:certified_asterisk:13.21.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:certified_asterisk:13.21.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-18610

reference_id

CVE-2019-18610

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-18610

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2019-18610

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yue-52xt-ryhw

url VCID-6rhm-xrwe-x7af

vulnerability_id VCID-6rhm-xrwe-x7af

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-26717

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.61896
published_at	2026-04-01T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61969
published_at	2026-04-02T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62001
published_at	2026-04-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6197
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6202
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62036
published_at	2026-04-09T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62057
published_at	2026-04-11T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62046
published_at	2026-04-12T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62025
published_at	2026-04-13T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62067
published_at	2026-04-16T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62073
published_at	2026-04-18T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62055
published_at	2026-04-21T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62052
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-26717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26717

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983157
reference_id	983157
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983157

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-26717

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rhm-xrwe-x7af

url VCID-7kus-4n4f-myd1

vulnerability_id VCID-7kus-4n4f-myd1

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26498

reference_id

reference_type

scores

value	0.00308
scoring_system	epss
scoring_elements	0.53919
published_at	2026-04-02T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61596
published_at	2026-04-04T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61567
published_at	2026-04-07T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61615
published_at	2026-04-08T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61629
published_at	2026-04-09T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6165
published_at	2026-04-11T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61639
published_at	2026-04-12T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61619
published_at	2026-04-13T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61661
published_at	2026-04-16T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61666
published_at	2026-04-18T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61651
published_at	2026-04-21T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61644
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-26498

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kus-4n4f-myd1

url VCID-7m8s-6ydk-gbgr

vulnerability_id VCID-7m8s-6ydk-gbgr

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-37706

reference_id

reference_type

scores

value	0.00243
scoring_system	epss
scoring_elements	0.47593
published_at	2026-04-21T12:55:00Z

value	0.00243
scoring_system	epss
scoring_elements	0.47585
published_at	2026-04-24T12:55:00Z

value	0.00243
scoring_system	epss
scoring_elements	0.47648
published_at	2026-04-16T12:55:00Z

value	0.00243
scoring_system	epss
scoring_elements	0.4764
published_at	2026-04-18T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48285
published_at	2026-04-09T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48294
published_at	2026-04-13T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48309
published_at	2026-04-11T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48283
published_at	2026-04-12T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48234
published_at	2026-04-07T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.4829
published_at	2026-04-08T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48566
published_at	2026-04-01T12:55:00Z

value	0.00253
scoring_system	epss
scoring_elements	0.48607
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/6422-2/
reference_id	USN-6422-2
reference_type
scores
url	https://usn.ubuntu.com/6422-2/

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-37706

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7m8s-6ydk-gbgr

url VCID-8pdp-epea-juhj

vulnerability_id VCID-8pdp-epea-juhj

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26499

reference_id

reference_type

scores

value	0.00362
scoring_system	epss
scoring_elements	0.58287
published_at	2026-04-02T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65447
published_at	2026-04-04T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.6541
published_at	2026-04-07T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65463
published_at	2026-04-08T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65474
published_at	2026-04-09T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65493
published_at	2026-04-11T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65479
published_at	2026-04-12T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65451
published_at	2026-04-13T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65489
published_at	2026-04-16T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.655
published_at	2026-04-18T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65484
published_at	2026-04-21T12:55:00Z

value	0.00487
scoring_system	epss
scoring_elements	0.65501
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-26499

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8pdp-epea-juhj

url VCID-8sys-3sj7-c3h6

vulnerability_id VCID-8sys-3sj7-c3h6

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21722

reference_id

reference_type

scores

value	0.00462
scoring_system	epss
scoring_elements	0.64147
published_at	2026-04-02T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64175
published_at	2026-04-13T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64135
published_at	2026-04-07T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64185
published_at	2026-04-08T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64201
published_at	2026-04-09T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64215
published_at	2026-04-11T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64204
published_at	2026-04-12T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.6421
published_at	2026-04-21T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64222
published_at	2026-04-18T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.6423
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url

https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a

reference_id

22af44e68a0c7d190ac1e25075e1382f77e9397a

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a

reference_url

reference_id

dsa-5285

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-m66q-q64c-hv36

reference_url

reference_id

GHSA-m66q-q64c-hv36

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-m66q-q64c-hv36

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_id

msg00035.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-21722

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8sys-3sj7-c3h6

url VCID-8yav-jpp1-rfbe

vulnerability_id VCID-8yav-jpp1-rfbe

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43299

reference_id

reference_type

scores

value	0.00275
scoring_system	epss
scoring_elements	0.51026
published_at	2026-04-18T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51019
published_at	2026-04-16T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.50952
published_at	2026-04-24T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51004
published_at	2026-04-21T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55471
published_at	2026-04-01T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55583
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5943
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59414
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59396
published_at	2026-04-13T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59412
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59397
published_at	2026-04-08T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59346
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5938
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43299

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yav-jpp1-rfbe

url VCID-917e-7kp2-y3hw

vulnerability_id VCID-917e-7kp2-y3hw

summary res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.

references

reference_url	http://downloads.asterisk.org/pub/security/AST-2019-004.html
reference_id
reference_type
scores
url	http://downloads.asterisk.org/pub/security/AST-2019-004.html

reference_url	http://packetstormsecurity.com/files/154371/Asterisk-Project-Security-Advisory-AST-2019-004.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/154371/Asterisk-Project-Security-Advisory-AST-2019-004.html

reference_url	http://packetstormsecurity.com/files/161671/Asterisk-Project-Security-Advisory-AST-2021-006.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/161671/Asterisk-Project-Security-Advisory-AST-2021-006.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-15297

reference_id

reference_type

scores

value	0.01814
scoring_system	epss
scoring_elements	0.82905
published_at	2026-04-24T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82883
published_at	2026-04-21T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82779
published_at	2026-04-01T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82795
published_at	2026-04-02T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82809
published_at	2026-04-04T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82804
published_at	2026-04-07T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.8283
published_at	2026-04-08T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82836
published_at	2026-04-09T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82852
published_at	2026-04-11T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82847
published_at	2026-04-12T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82843
published_at	2026-04-13T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82882
published_at	2026-04-16T12:55:00Z

value	0.01814
scoring_system	epss
scoring_elements	0.82881
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-15297

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297

reference_url	http://seclists.org/fulldisclosure/2021/Mar/5
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2021/Mar/5

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060
reference_id	940060
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk::::::::
reference_id	cpe:2.3:a:digium:asterisk::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-15297

reference_id

CVE-2019-15297

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-15297

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2019-15297

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-917e-7kp2-y3hw

url VCID-9at6-bgzv-gue3

vulnerability_id VCID-9at6-bgzv-gue3

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39269

reference_id

reference_type

scores

value	0.00217
scoring_system	epss
scoring_elements	0.44229
published_at	2026-04-24T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44535
published_at	2026-04-04T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44472
published_at	2026-04-07T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44523
published_at	2026-04-08T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44529
published_at	2026-04-09T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44545
published_at	2026-04-11T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44513
published_at	2026-04-02T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44516
published_at	2026-04-13T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44572
published_at	2026-04-16T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44563
published_at	2026-04-18T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44494
published_at	2026-04-21T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44515
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092
reference_id	1032092
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-39269

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9at6-bgzv-gue3

url VCID-9f9j-z7y7-sffy

vulnerability_id VCID-9f9j-z7y7-sffy

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43845

reference_id

reference_type

scores

value	0.00285
scoring_system	epss
scoring_elements	0.51925
published_at	2026-04-01T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51973
published_at	2026-04-02T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51999
published_at	2026-04-04T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51965
published_at	2026-04-07T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52019
published_at	2026-04-08T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52018
published_at	2026-04-09T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.5207
published_at	2026-04-11T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52052
published_at	2026-04-12T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52036
published_at	2026-04-13T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52076
published_at	2026-04-16T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52082
published_at	2026-04-18T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52063
published_at	2026-04-21T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.5201
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43845

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9f9j-z7y7-sffy

url VCID-ap3n-99gn-aucs

vulnerability_id VCID-ap3n-99gn-aucs

summary A vulnerability has been discovered in PJSIP, which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-27585

reference_id

reference_type

scores

value	0.00446
scoring_system	epss
scoring_elements	0.6349
published_at	2026-04-21T12:55:00Z

value	0.00446
scoring_system	epss
scoring_elements	0.63509
published_at	2026-04-24T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.6572
published_at	2026-04-02T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.6575
published_at	2026-04-04T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65716
published_at	2026-04-07T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.6577
published_at	2026-04-08T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.6578
published_at	2026-04-09T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65801
published_at	2026-04-11T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65787
published_at	2026-04-12T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65757
published_at	2026-04-13T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65792
published_at	2026-04-16T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65806
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-27585

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27585
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27585

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036697
reference_id	1036697
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036697

reference_url

https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5

reference_id

d1c5e4da5bae7f220bc30719888bb389c905c0c5

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5

reference_url

https://www.debian.org/security/2023/dsa-5438

reference_id

dsa-5438

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://www.debian.org/security/2023/dsa-5438

reference_url

https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4

reference_id

GHSA-p6g5-v97c-w5q4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4

reference_url

https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr

reference_id

GHSA-q9cp-8wcq-7pfr

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr

reference_url	https://security.gentoo.org/glsa/202409-05
reference_id	GLSA-202409-05
reference_type
scores
url	https://security.gentoo.org/glsa/202409-05

reference_url

https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm

reference_id

group__PJ__DNS__RESOLVER.htm

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm

reference_url

https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html

reference_id

msg00020.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/6422-2/
reference_id	USN-6422-2
reference_type
scores
url	https://usn.ubuntu.com/6422-2/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2023-27585

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ap3n-99gn-aucs

url VCID-b4z5-5hbq-5ka8

vulnerability_id VCID-b4z5-5hbq-5ka8

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42706

reference_id

reference_type

scores

value	0.0081
scoring_system	epss
scoring_elements	0.74298
published_at	2026-04-24T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74231
published_at	2026-04-12T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74224
published_at	2026-04-13T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74262
published_at	2026-04-16T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74272
published_at	2026-04-18T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74264
published_at	2026-04-21T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74181
published_at	2026-04-07T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74208
published_at	2026-04-04T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74214
published_at	2026-04-08T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.74228
published_at	2026-04-09T12:55:00Z

value	0.0081
scoring_system	epss
scoring_elements	0.7425
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url

https://downloads.asterisk.org/pub/security/AST-2022-009.html

reference_id

AST-2022-009.html

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/

url

https://downloads.asterisk.org/pub/security/AST-2022-009.html

reference_url

reference_id

dsa-5358

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

reference_url

reference_id

msg00029.html

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-42706

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4z5-5hbq-5ka8

url VCID-byqv-c5jp-6ybg

vulnerability_id VCID-byqv-c5jp-6ybg

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43301

reference_id

reference_type

scores

value	0.00406
scoring_system	epss
scoring_elements	0.61133
published_at	2026-04-18T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61127
published_at	2026-04-16T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61105
published_at	2026-04-24T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61116
published_at	2026-04-21T12:55:00Z

value	0.00482
scoring_system	epss
scoring_elements	0.65068
published_at	2026-04-01T12:55:00Z

value	0.00482
scoring_system	epss
scoring_elements	0.65118
published_at	2026-04-02T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68284
published_at	2026-04-11T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68272
published_at	2026-04-12T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68238
published_at	2026-04-13T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68259
published_at	2026-04-09T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68244
published_at	2026-04-08T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68193
published_at	2026-04-07T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68217
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43301

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-byqv-c5jp-6ybg

url VCID-cupt-538a-z3fp

vulnerability_id VCID-cupt-538a-z3fp

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37325

reference_id

reference_type

scores

value	0.0068
scoring_system	epss
scoring_elements	0.7166
published_at	2026-04-24T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71598
published_at	2026-04-12T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71579
published_at	2026-04-13T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71624
published_at	2026-04-16T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71629
published_at	2026-04-18T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.7161
published_at	2026-04-21T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71549
published_at	2026-04-02T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71567
published_at	2026-04-04T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.7154
published_at	2026-04-07T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.7158
published_at	2026-04-08T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.7159
published_at	2026-04-09T12:55:00Z

value	0.0068
scoring_system	epss
scoring_elements	0.71613
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url

https://downloads.asterisk.org/pub/security/AST-2022-007.html

reference_id

AST-2022-007.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/

url

https://downloads.asterisk.org/pub/security/AST-2022-007.html

reference_url

reference_id

dsa-5358

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

reference_url

reference_id

msg00029.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-37325

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cupt-538a-z3fp

url VCID-ddpb-zwva-rfc5

vulnerability_id VCID-ddpb-zwva-rfc5

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21723

reference_id

reference_type

scores

value	0.00468
scoring_system	epss
scoring_elements	0.64457
published_at	2026-04-02T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64488
published_at	2026-04-04T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64446
published_at	2026-04-07T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64495
published_at	2026-04-08T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64511
published_at	2026-04-09T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64526
published_at	2026-04-11T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64515
published_at	2026-04-12T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64487
published_at	2026-04-13T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64521
published_at	2026-04-16T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64533
published_at	2026-04-18T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64525
published_at	2026-04-21T12:55:00Z

value	0.00468
scoring_system	epss
scoring_elements	0.64545
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url

https://github.com/pjsip/pjproject/commit/077b465c33f0aec05a49cd2ca456f9a1b112e896

reference_id

077b465c33f0aec05a49cd2ca456f9a1b112e896

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://github.com/pjsip/pjproject/commit/077b465c33f0aec05a49cd2ca456f9a1b112e896

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url

http://seclists.org/fulldisclosure/2022/Mar/2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

http://seclists.org/fulldisclosure/2022/Mar/2

reference_url

http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html

reference_id

Asterisk-Project-Security-Advisory-AST-2022-006.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html

reference_url

reference_id

dsa-5285

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-7fw8-54cv-r7pm

reference_url

reference_id

GHSA-7fw8-54cv-r7pm

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-7fw8-54cv-r7pm

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_id

msg00035.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-21723

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddpb-zwva-rfc5

url VCID-epzp-dpmr-33df

vulnerability_id VCID-epzp-dpmr-33df

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32686

reference_id

reference_type

scores

value	0.02002
scoring_system	epss
scoring_elements	0.83727
published_at	2026-04-24T12:55:00Z

value	0.02002
scoring_system	epss
scoring_elements	0.83702
published_at	2026-04-21T12:55:00Z

value	0.02081
scoring_system	epss
scoring_elements	0.83919
published_at	2026-04-01T12:55:00Z

value	0.02081
scoring_system	epss
scoring_elements	0.83934
published_at	2026-04-02T12:55:00Z

value	0.02696
scoring_system	epss
scoring_elements	0.85889
published_at	2026-04-16T12:55:00Z

value	0.02696
scoring_system	epss
scoring_elements	0.85894
published_at	2026-04-18T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.86039
published_at	2026-04-11T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.86037
published_at	2026-04-12T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.86032
published_at	2026-04-13T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.85995
published_at	2026-04-07T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.86015
published_at	2026-04-08T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.85996
published_at	2026-04-04T12:55:00Z

value	0.02769
scoring_system	epss
scoring_elements	0.86025
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991931
reference_id	991931
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991931

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-32686

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-epzp-dpmr-33df

url VCID-f5qc-tsbr-1yap

vulnerability_id VCID-f5qc-tsbr-1yap

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43804

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53266
published_at	2026-04-01T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.5329
published_at	2026-04-02T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53315
published_at	2026-04-04T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53285
published_at	2026-04-07T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53337
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53332
published_at	2026-04-09T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53383
published_at	2026-04-11T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53366
published_at	2026-04-12T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.5335
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53387
published_at	2026-04-16T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53393
published_at	2026-04-18T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53374
published_at	2026-04-21T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53345
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43804

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5qc-tsbr-1yap

url VCID-fjzf-5rtw-rqfj

vulnerability_id VCID-fjzf-5rtw-rqfj

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-26906

reference_id

reference_type

scores

value	0.00811
scoring_system	epss
scoring_elements	0.74179
published_at	2026-04-01T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74184
published_at	2026-04-07T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74212
published_at	2026-04-04T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74217
published_at	2026-04-08T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74232
published_at	2026-04-09T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74253
published_at	2026-04-11T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74235
published_at	2026-04-12T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74227
published_at	2026-04-13T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74265
published_at	2026-04-16T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74275
published_at	2026-04-18T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74267
published_at	2026-04-21T12:55:00Z

value	0.00811
scoring_system	epss
scoring_elements	0.74302
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-26906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26906

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983159
reference_id	983159
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983159

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-26906

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjzf-5rtw-rqfj

url VCID-gkcp-1zz6-tfb5

vulnerability_id VCID-gkcp-1zz6-tfb5

summary A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-28327

reference_id

reference_type

scores

value	0.02764
scoring_system	epss
scoring_elements	0.85963
published_at	2026-04-01T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.85974
published_at	2026-04-02T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.8599
published_at	2026-04-04T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.85989
published_at	2026-04-07T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86008
published_at	2026-04-08T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86018
published_at	2026-04-09T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86032
published_at	2026-04-11T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.8603
published_at	2026-04-12T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86026
published_at	2026-04-13T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86043
published_at	2026-04-16T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86048
published_at	2026-04-18T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.86039
published_at	2026-04-21T12:55:00Z

value	0.02764
scoring_system	epss
scoring_elements	0.8606
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-28327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28327

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974712
reference_id	974712
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974712

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2020-28327

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkcp-1zz6-tfb5

url VCID-h193-vjhb-j3a3

vulnerability_id VCID-h193-vjhb-j3a3

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-32558

reference_id

reference_type

scores

value	0.02875
scoring_system	epss
scoring_elements	0.86214
published_at	2026-04-01T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86224
published_at	2026-04-02T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86241
published_at	2026-04-04T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86242
published_at	2026-04-07T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86261
published_at	2026-04-08T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86271
published_at	2026-04-09T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86286
published_at	2026-04-11T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86283
published_at	2026-04-12T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86279
published_at	2026-04-13T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86296
published_at	2026-04-16T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.863
published_at	2026-04-18T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86294
published_at	2026-04-21T12:55:00Z

value	0.02875
scoring_system	epss
scoring_elements	0.86312
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-32558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991710
reference_id	991710
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991710

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-32558

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h193-vjhb-j3a3

url VCID-hj93-7z1r-vkfk

vulnerability_id VCID-hj93-7z1r-vkfk

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24763

reference_id

reference_type

scores

value	0.01403
scoring_system	epss
scoring_elements	0.80395
published_at	2026-04-02T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80416
published_at	2026-04-04T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80405
published_at	2026-04-07T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80434
published_at	2026-04-08T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80444
published_at	2026-04-09T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80463
published_at	2026-04-11T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80448
published_at	2026-04-12T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80441
published_at	2026-04-13T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.8047
published_at	2026-04-16T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80471
published_at	2026-04-18T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.80474
published_at	2026-04-21T12:55:00Z

value	0.01403
scoring_system	epss
scoring_elements	0.805
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
reference_id	1014976
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-24763

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hj93-7z1r-vkfk

url VCID-huqt-1fv6-67cz

vulnerability_id VCID-huqt-1fv6-67cz

summary An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is received that contains a tel-uri in the Diversion header.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35652

reference_id

reference_type

scores

value	0.00114
scoring_system	epss
scoring_elements	0.30039
published_at	2026-04-11T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30077
published_at	2026-04-02T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30124
published_at	2026-04-04T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29937
published_at	2026-04-07T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29998
published_at	2026-04-08T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30033
published_at	2026-04-09T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29994
published_at	2026-04-12T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29945
published_at	2026-04-13T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.2996
published_at	2026-04-16T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29939
published_at	2026-04-18T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29892
published_at	2026-04-21T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29817
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35652

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35652

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979372
reference_id	979372
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979372

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2020-35652

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huqt-1fv6-67cz

url VCID-n6mj-v1nc-hke9

vulnerability_id VCID-n6mj-v1nc-hke9

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24793

reference_id

reference_type

scores

value	0.00512
scoring_system	epss
scoring_elements	0.665
published_at	2026-04-21T12:55:00Z

value	0.00512
scoring_system	epss
scoring_elements	0.66523
published_at	2026-04-24T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68474
published_at	2026-04-02T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68493
published_at	2026-04-04T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68469
published_at	2026-04-07T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68519
published_at	2026-04-08T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68536
published_at	2026-04-09T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68563
published_at	2026-04-11T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.6855
published_at	2026-04-12T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68518
published_at	2026-04-13T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68558
published_at	2026-04-16T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68571
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
reference_id	1014976
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url

https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a

reference_id

9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a

reference_url

reference_id

dsa-5285

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4

reference_url

reference_id

GHSA-p6g5-v97c-w5q4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html

reference_id

msg00047.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/

url

https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-24793

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6mj-v1nc-hke9

url VCID-nf5d-nejq-mkd9

vulnerability_id VCID-nf5d-nejq-mkd9

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43303

reference_id

reference_type

scores

value	0.00406
scoring_system	epss
scoring_elements	0.61133
published_at	2026-04-18T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61127
published_at	2026-04-16T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61105
published_at	2026-04-24T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61116
published_at	2026-04-21T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63734
published_at	2026-04-01T12:55:00Z

value	0.00454
scoring_system	epss
scoring_elements	0.63795
published_at	2026-04-02T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67167
published_at	2026-04-11T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67153
published_at	2026-04-12T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67122
published_at	2026-04-13T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67148
published_at	2026-04-09T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67136
published_at	2026-04-08T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67086
published_at	2026-04-07T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67112
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43303

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nf5d-nejq-mkd9

url VCID-ngds-k5mh-t3ae

vulnerability_id VCID-ngds-k5mh-t3ae

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-31031

reference_id

reference_type

scores

value	0.00721
scoring_system	epss
scoring_elements	0.72444
published_at	2026-04-02T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72462
published_at	2026-04-04T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72438
published_at	2026-04-07T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72476
published_at	2026-04-08T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72489
published_at	2026-04-09T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72511
published_at	2026-04-11T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72494
published_at	2026-04-12T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72484
published_at	2026-04-13T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72526
published_at	2026-04-16T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72535
published_at	2026-04-18T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72524
published_at	2026-04-21T12:55:00Z

value	0.00721
scoring_system	epss
scoring_elements	0.72567
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004
reference_id	1017004
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005
reference_id	1017005
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005

reference_url

https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202

reference_id

450baca94f475345542c6953832650c390889202

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202

reference_url

reference_id

dsa-5358

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj

reference_url

reference_id

GHSA-26j7-ww69-c4qj

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url

reference_id

msg00029.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-31031

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ngds-k5mh-t3ae

url VCID-psbg-wv2x-w7ba

vulnerability_id VCID-psbg-wv2x-w7ba

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23547

reference_id

reference_type

scores

value	0.00394
scoring_system	epss
scoring_elements	0.6034
published_at	2026-04-24T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60342
published_at	2026-04-09T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60363
published_at	2026-04-11T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60349
published_at	2026-04-12T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.6033
published_at	2026-04-13T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60371
published_at	2026-04-16T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60379
published_at	2026-04-18T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60369
published_at	2026-04-21T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60283
published_at	2026-04-02T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60308
published_at	2026-04-04T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60277
published_at	2026-04-07T12:55:00Z

value	0.00394
scoring_system	epss
scoring_elements	0.60327
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092
reference_id	1032092
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092

reference_url

https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36

reference_id

bc4812d31a67d5e2f973fbfaf950d6118226cf36

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/

url

https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36

reference_url

https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w

reference_id

GHSA-9pfh-r8x4-w26w

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w

reference_url

https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr

reference_id

GHSA-cxwq-5g9x-x7fr

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-23547

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psbg-wv2x-w7ba

url VCID-r8b9-jcqa-xyb2

vulnerability_id VCID-r8b9-jcqa-xyb2

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35776

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24665
published_at	2026-04-01T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24741
published_at	2026-04-02T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24781
published_at	2026-04-04T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24553
published_at	2026-04-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24625
published_at	2026-04-08T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24671
published_at	2026-04-09T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24686
published_at	2026-04-11T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24645
published_at	2026-04-12T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24589
published_at	2026-04-13T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24602
published_at	2026-04-16T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24592
published_at	2026-04-18T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24569
published_at	2026-04-21T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24513
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35776

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983158
reference_id	983158
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983158

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2020-35776

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8b9-jcqa-xyb2

url VCID-tqwd-ffwc-mkd1

vulnerability_id VCID-tqwd-ffwc-mkd1

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24792

reference_id

reference_type

scores

value	0.01621
scoring_system	epss
scoring_elements	0.81774
published_at	2026-04-02T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81797
published_at	2026-04-04T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81795
published_at	2026-04-07T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81821
published_at	2026-04-08T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81828
published_at	2026-04-09T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81847
published_at	2026-04-11T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81835
published_at	2026-04-12T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81829
published_at	2026-04-13T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81866
published_at	2026-04-18T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81869
published_at	2026-04-21T12:55:00Z

value	0.01621
scoring_system	epss
scoring_elements	0.81892
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
reference_id	1014976
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976

reference_url

https://github.com/pjsip/pjproject/commit/947bc1ee6d05be10204b918df75a503415fd3213

reference_id

947bc1ee6d05be10204b918df75a503415fd3213

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://github.com/pjsip/pjproject/commit/947bc1ee6d05be10204b918df75a503415fd3213

reference_url

reference_id

dsa-5285

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-rwgw-vwxg-q799

reference_url

reference_id

GHSA-rwgw-vwxg-q799

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-rwgw-vwxg-q799

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html

reference_id

msg00047.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/

url

https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-24792

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tqwd-ffwc-mkd1

url VCID-tyh4-14zn-63ez

vulnerability_id VCID-tyh4-14zn-63ez

summary An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-28242

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.61018
published_at	2026-04-01T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61095
published_at	2026-04-02T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61124
published_at	2026-04-04T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61089
published_at	2026-04-07T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61138
published_at	2026-04-08T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61153
published_at	2026-04-09T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61174
published_at	2026-04-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6116
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61141
published_at	2026-04-13T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61182
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61188
published_at	2026-04-18T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61169
published_at	2026-04-21T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61158
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-28242

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28242
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28242

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974713
reference_id	974713
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974713

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2020-28242

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyh4-14zn-63ez

url VCID-v7ev-jtsg-cqdg

vulnerability_id VCID-v7ev-jtsg-cqdg

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

reference_id

reference_type

scores

value	0.00134
scoring_system	epss
scoring_elements	0.32972
published_at	2026-04-01T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33102
published_at	2026-04-02T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33135
published_at	2026-04-04T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32965
published_at	2026-04-21T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33011
published_at	2026-04-08T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33041
published_at	2026-04-09T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33045
published_at	2026-04-11T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33006
published_at	2026-04-12T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32981
published_at	2026-04-13T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33024
published_at	2026-04-16T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33002
published_at	2026-04-18T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32818
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018073
reference_id	1018073
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018073

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-46837

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7ev-jtsg-cqdg

url VCID-vwf4-v4ve-4yfh

vulnerability_id VCID-vwf4-v4ve-4yfh

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39244

reference_id

reference_type

scores

value	0.00325
scoring_system	epss
scoring_elements	0.55475
published_at	2026-04-02T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.555
published_at	2026-04-04T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55478
published_at	2026-04-07T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.5553
published_at	2026-04-09T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55539
published_at	2026-04-11T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55519
published_at	2026-04-12T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55502
published_at	2026-04-13T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55538
published_at	2026-04-16T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55542
published_at	2026-04-18T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.5552
published_at	2026-04-21T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55444
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url

https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae

reference_id

c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae

reference_url

reference_id

dsa-5358

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj

reference_url

reference_id

GHSA-fq45-m3f7-3mhj

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url

reference_id

msg00029.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-39244

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vwf4-v4ve-4yfh

url VCID-w9ce-m3x8-n3ak

vulnerability_id VCID-w9ce-m3x8-n3ak

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24786

reference_id

reference_type

scores

value	0.00743
scoring_system	epss
scoring_elements	0.72929
published_at	2026-04-02T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.72948
published_at	2026-04-04T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.72925
published_at	2026-04-07T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.72962
published_at	2026-04-08T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.72975
published_at	2026-04-09T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.73
published_at	2026-04-11T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.7298
published_at	2026-04-12T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.72973
published_at	2026-04-13T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.73014
published_at	2026-04-16T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.73024
published_at	2026-04-18T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.73017
published_at	2026-04-21T12:55:00Z

value	0.00743
scoring_system	epss
scoring_elements	0.73056
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
reference_id	1014976
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976

reference_url	https://security.gentoo.org/glsa/202210-37
reference_id	GLSA-202210-37
reference_type
scores
url	https://security.gentoo.org/glsa/202210-37

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-24786

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ce-m3x8-n3ak

url VCID-x2gp-mft6-1yhy

vulnerability_id VCID-x2gp-mft6-1yhy

summary An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13161

reference_id

reference_type

scores

value	0.02171
scoring_system	epss
scoring_elements	0.84257
published_at	2026-04-01T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84269
published_at	2026-04-02T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84287
published_at	2026-04-04T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84289
published_at	2026-04-07T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.8431
published_at	2026-04-08T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84315
published_at	2026-04-09T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84334
published_at	2026-04-11T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84326
published_at	2026-04-12T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84323
published_at	2026-04-13T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84345
published_at	2026-04-18T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84348
published_at	2026-04-21T12:55:00Z

value	0.02171
scoring_system	epss
scoring_elements	0.84374
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981
reference_id	931981
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2019-13161

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2gp-mft6-1yhy

url VCID-xbe4-uvqu-6kf7

vulnerability_id VCID-xbe4-uvqu-6kf7

summary Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12827

reference_id

reference_type

scores

value	0.1959
scoring_system	epss
scoring_elements	0.95377
published_at	2026-04-01T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95386
published_at	2026-04-02T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95392
published_at	2026-04-04T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95397
published_at	2026-04-07T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95404
published_at	2026-04-08T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95406
published_at	2026-04-09T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95411
published_at	2026-04-12T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95413
published_at	2026-04-13T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95422
published_at	2026-04-16T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95425
published_at	2026-04-18T12:55:00Z

value	0.1959
scoring_system	epss
scoring_elements	0.95429
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12827

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980
reference_id	931980
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2019-12827

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbe4-uvqu-6kf7

url VCID-y6sx-xqsh-wbcg

vulnerability_id VCID-y6sx-xqsh-wbcg

summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24764

reference_id

reference_type

scores

value	0.00942
scoring_system	epss
scoring_elements	0.76197
published_at	2026-04-02T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76229
published_at	2026-04-04T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76209
published_at	2026-04-07T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76241
published_at	2026-04-08T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76254
published_at	2026-04-13T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76281
published_at	2026-04-11T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76258
published_at	2026-04-12T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76295
published_at	2026-04-16T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76299
published_at	2026-04-18T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.76283
published_at	2026-04-21T12:55:00Z

value	0.00942
scoring_system	epss
scoring_elements	0.7632
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976
reference_id	1014976
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url

https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00

reference_id

560a1346f87aabe126509bb24930106dea292b00

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00

reference_url

reference_id

dsa-5285

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-f5qg-pqcg-765m

reference_url

reference_id

GHSA-f5qg-pqcg-765m

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://github.com/pjsip/pjproject/security/advisories/GHSA-f5qg-pqcg-765m

reference_url

reference_id

GLSA-202210-37

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

reference_id

msg00021.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_id

msg00035.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-24764

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6sx-xqsh-wbcg

url VCID-yx1m-ayfg-ryc3

vulnerability_id VCID-yx1m-ayfg-ryc3

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43300

reference_id

reference_type

scores

value	0.00406
scoring_system	epss
scoring_elements	0.61133
published_at	2026-04-18T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61127
published_at	2026-04-16T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61105
published_at	2026-04-24T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61116
published_at	2026-04-21T12:55:00Z

value	0.00482
scoring_system	epss
scoring_elements	0.65068
published_at	2026-04-01T12:55:00Z

value	0.00482
scoring_system	epss
scoring_elements	0.65118
published_at	2026-04-02T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68284
published_at	2026-04-11T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68272
published_at	2026-04-12T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68238
published_at	2026-04-13T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68259
published_at	2026-04-09T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68244
published_at	2026-04-08T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68193
published_at	2026-04-07T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68217
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998
reference_id	1014998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998

reference_url	https://usn.ubuntu.com/6422-1/
reference_id	USN-6422-1
reference_type
scores
url	https://usn.ubuntu.com/6422-1/

reference_url	https://usn.ubuntu.com/8122-1/
reference_id	USN-8122-1
reference_type
scores
url	https://usn.ubuntu.com/8122-1/

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2021-43300

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yx1m-ayfg-ryc3

url VCID-z3fq-m317-ckb8

vulnerability_id VCID-z3fq-m317-ckb8

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-26651

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.62891
published_at	2026-04-02T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62921
published_at	2026-04-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62885
published_at	2026-04-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62936
published_at	2026-04-13T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62952
published_at	2026-04-09T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6297
published_at	2026-04-11T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62958
published_at	2026-04-12T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62977
published_at	2026-04-16T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71727
published_at	2026-04-18T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71709
published_at	2026-04-21T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71758
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-26651

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

reference_url	https://security.gentoo.org/glsa/202412-03
reference_id	GLSA-202412-03
reference_type
scores
url	https://security.gentoo.org/glsa/202412-03

fixed_packages

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qxc-4xk5-2feu

vulnerability	VCID-2qjc-yspn-xydj

vulnerability	VCID-43ff-97jw-hkce

vulnerability	VCID-55vv-7jsj-xqeh

vulnerability	VCID-63fe-saga-13ct

vulnerability	VCID-8kjy-xtm2-bqan

vulnerability	VCID-9u4p-wdky-a3h1

vulnerability	VCID-bk8r-brkr-bqc6

vulnerability	VCID-bknu-abgc-bugw

vulnerability	VCID-gy3u-c6dc-sbbn

vulnerability	VCID-phb4-xaj7-byg2

vulnerability	VCID-pmte-bc34-pfcv

vulnerability	VCID-qcqe-63ev-f7gv

vulnerability	VCID-u91b-9huy-43hn

vulnerability	VCID-ytty-tbs1-ffc7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3

aliases CVE-2022-26651

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z3fq-m317-ckb8

url VCID-zabf-adce-sqde

vulnerability_id VCID-zabf-adce-sqde

summary Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42705

reference_id

reference_type

scores

value	0.01567
scoring_system	epss
scoring_elements	0.81575
published_at	2026-04-24T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81533
published_at	2026-04-11T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.8152
published_at	2026-04-12T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.8155
published_at	2026-04-16T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81551
published_at	2026-04-18T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81553
published_at	2026-04-21T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.8146
published_at	2026-04-02T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81482
published_at	2026-04-04T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81479
published_at	2026-04-07T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81507
published_at	2026-04-08T12:55:00Z

value	0.01567
scoring_system	epss
scoring_elements	0.81513
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706

reference_url

https://downloads.asterisk.org/pub/security/AST-2022-008.html

reference_id

AST-2022-008.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:25:02Z/

url

https://downloads.asterisk.org/pub/security/AST-2022-008.html

reference_url

reference_id

dsa-5358

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:25:02Z/

url