Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-mmng-tcuj-wkhu

Summary An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusable.

Aliases

alias	CVE-2018-12228

Fixed_packages

url	pkg:deb/debian/asterisk@0?distro=sid
purl	pkg:deb/debian/asterisk@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@0%3Fdistro=sid

url pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

purl pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r54j-ydjm-4uca

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4%3Fdistro=sid

url	pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
purl	pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.8.2%252Bdfsg%252B~cs6.15.60671435-1%3Fdistro=sid

url	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
purl	pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1%3Fdistro=sid

Affected_packages

References

reference_url	http://downloads.asterisk.org/pub/security/AST-2018-007.html
reference_id
reference_type
scores
url	http://downloads.asterisk.org/pub/security/AST-2018-007.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12228

reference_id

reference_type

scores

value	0.00422
scoring_system	epss
scoring_elements	0.62129
published_at	2026-04-16T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62085
published_at	2026-04-13T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.61958
published_at	2026-04-01T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62029
published_at	2026-04-02T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.6206
published_at	2026-04-04T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.6203
published_at	2026-04-07T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.6208
published_at	2026-04-08T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62097
published_at	2026-04-09T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62117
published_at	2026-04-11T12:55:00Z

value	0.00422
scoring_system	epss
scoring_elements	0.62106
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12228

reference_url	https://issues.asterisk.org/jira/browse/ASTERISK-27807
reference_id
reference_type
scores
url	https://issues.asterisk.org/jira/browse/ASTERISK-27807

reference_url	http://www.securityfocus.com/bid/104457
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104457

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sangoma:asterisk::::::::
reference_id	cpe:2.3:a:sangoma:asterisk::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sangoma:asterisk::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12228

reference_id

CVE-2018-12228

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12228

Weaknesses

cwe_id	835
name	Loop with Unreachable Exit Condition ('Infinite Loop')
description	The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Exploits

Severity_range_score 6.5 - 6.8

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmng-tcuj-wkhu

Vulnerability Instance