Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/asterisk@1:13.1.0~dfsg-1.1?distro=sid

Type deb

Namespace debian

Name asterisk

Version 1:13.1.0~dfsg-1.1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:13.7.2~dfsg-1

Latest_non_vulnerable_version 1:22.9.0+dfsg+~cs6.16.60671434-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-ebcm-kjvz-73cz

vulnerability_id VCID-ebcm-kjvz-73cz

summary Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1558

reference_id

reference_type

scores

value	0.17453
scoring_system	epss
scoring_elements	0.95042
published_at	2026-04-01T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95053
published_at	2026-04-04T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95055
published_at	2026-04-07T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95063
published_at	2026-04-08T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95066
published_at	2026-04-09T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95071
published_at	2026-04-11T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95072
published_at	2026-04-12T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95075
published_at	2026-04-13T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95084
published_at	2026-04-16T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95087
published_at	2026-04-18T12:55:00Z

value	0.17453
scoring_system	epss
scoring_elements	0.95089
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1558

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780601
reference_id	780601
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780601

fixed_packages

url	pkg:deb/debian/asterisk@1:13.1.0~dfsg-1.1?distro=sid
purl	pkg:deb/debian/asterisk@1:13.1.0~dfsg-1.1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.1.0~dfsg-1.1%3Fdistro=sid

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r54j-ydjm-4uca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid

url	pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
purl	pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.8.2%252Bdfsg%252B~cs6.15.60671435-1%3Fdistro=sid

url	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
purl	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid

aliases CVE-2015-1558

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebcm-kjvz-73cz

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.1.0~dfsg-1.1%3Fdistro=sid

Package Instance