Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/asterisk@1:1.6.2.6-1?distro=sid
Typedeb
Namespacedebian
Nameasterisk
Version1:1.6.2.6-1
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:1.6.2.9-2+squeeze1
Latest_non_vulnerable_version1:22.9.0+dfsg+~cs6.16.60671434-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-986n-21m7-fuc8
vulnerability_id VCID-986n-21m7-fuc8
summary main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1224
reference_id
reference_type
scores
0
value 0.01
scoring_system epss
scoring_elements 0.76925
published_at 2026-04-01T12:55:00Z
1
value 0.01
scoring_system epss
scoring_elements 0.76931
published_at 2026-04-02T12:55:00Z
2
value 0.01
scoring_system epss
scoring_elements 0.76961
published_at 2026-04-04T12:55:00Z
3
value 0.01
scoring_system epss
scoring_elements 0.76943
published_at 2026-04-07T12:55:00Z
4
value 0.01
scoring_system epss
scoring_elements 0.76975
published_at 2026-04-08T12:55:00Z
5
value 0.01
scoring_system epss
scoring_elements 0.76986
published_at 2026-04-09T12:55:00Z
6
value 0.01
scoring_system epss
scoring_elements 0.77013
published_at 2026-04-11T12:55:00Z
7
value 0.01
scoring_system epss
scoring_elements 0.76992
published_at 2026-04-12T12:55:00Z
8
value 0.01
scoring_system epss
scoring_elements 0.76987
published_at 2026-04-13T12:55:00Z
9
value 0.01
scoring_system epss
scoring_elements 0.77028
published_at 2026-04-16T12:55:00Z
10
value 0.01
scoring_system epss
scoring_elements 0.77031
published_at 2026-04-18T12:55:00Z
11
value 0.01
scoring_system epss
scoring_elements 0.77024
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1224
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1224
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576560
reference_id 576560
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576560
fixed_packages
0
url pkg:deb/debian/asterisk@1:1.6.2.6-1?distro=sid
purl pkg:deb/debian/asterisk@1:1.6.2.6-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.6.2.6-1%3Fdistro=sid
1
url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid
purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r54j-ydjm-4uca
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid
2
url pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
purl pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.8.2%252Bdfsg%252B~cs6.15.60671435-1%3Fdistro=sid
3
url pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
purl pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid
aliases CVE-2010-1224
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-986n-21m7-fuc8
1
url VCID-ennr-ek9z-a7db
vulnerability_id VCID-ennr-ek9z-a7db
summary The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters that are injected when the variable is expanded, as demonstrated using the Dial application to process a crafted SIP INVITE message that adds an unintended outgoing channel leg. NOTE: it could be argued that this is not a vulnerability in Asterisk, but a class of vulnerabilities that can occur in any program that uses this feature without the associated filtering functionality that is already available.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0685
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23726
published_at 2026-04-01T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23844
published_at 2026-04-02T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23884
published_at 2026-04-04T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23672
published_at 2026-04-07T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23742
published_at 2026-04-08T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23788
published_at 2026-04-09T12:55:00Z
6
value 0.0008
scoring_system epss
scoring_elements 0.23803
published_at 2026-04-11T12:55:00Z
7
value 0.0008
scoring_system epss
scoring_elements 0.23759
published_at 2026-04-12T12:55:00Z
8
value 0.0008
scoring_system epss
scoring_elements 0.23703
published_at 2026-04-18T12:55:00Z
9
value 0.0008
scoring_system epss
scoring_elements 0.23714
published_at 2026-04-16T12:55:00Z
10
value 0.0008
scoring_system epss
scoring_elements 0.23682
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0685
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0685
fixed_packages
0
url pkg:deb/debian/asterisk@1:1.6.2.6-1?distro=sid
purl pkg:deb/debian/asterisk@1:1.6.2.6-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.6.2.6-1%3Fdistro=sid
1
url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid
purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-r54j-ydjm-4uca
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid
2
url pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
purl pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.8.2%252Bdfsg%252B~cs6.15.60671435-1%3Fdistro=sid
3
url pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
purl pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid
aliases CVE-2010-0685
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ennr-ek9z-a7db
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:1.6.2.6-1%3Fdistro=sid