{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","type":"deb","namespace":"debian","name":"asterisk","version":"1:16.2.1~dfsg-1+deb10u2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:22.9.0+dfsg+~cs6.16.60671434-1","latest_non_vulnerable_version":"1:22.9.0+dfsg+~cs6.16.60671434-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41179?format=json","vulnerability_id":"VCID-19pf-yqxu-4ua8","summary":"Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP request to a URI whose host portion starts with `.1` or `[.1]`, and res_resolver_unbound is loaded, Asterisk will crash with a SEGV. To receive a patch, users should upgrade to one of the following versions: 18.24.3, 20.9.3, 21.4.3, certified-18.9-cert12, certified-20.7-cert2. Two workarounds are available. Disable res_resolver_unbound by setting `noload = res_resolver_unbound.so` in modules.conf, or set `rewrite_contact = yes` on all PJSIP endpoints. NOTE: This may not be appropriate for all Asterisk configurations.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42491","reference_id":"","reference_type":"","scores":[{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.76963","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.7704","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.77047","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00963","scoring_system":"epss","scoring_elements":"0.77034","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42491"},{"reference_url":"https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4","reference_id":"42a2f4ccfa2c7062a15063e765916b3332e34cc4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4"},{"reference_url":"https://github.com/asterisk/asterisk/commit/4f01669c7c41c9184f3cce9a3cf1b2ebf6201742","reference_id":"4f01669c7c41c9184f3cce9a3cf1b2ebf6201742","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/commit/4f01669c7c41c9184f3cce9a3cf1b2ebf6201742"},{"reference_url":"https://github.com/asterisk/asterisk/commit/50bf8d4d3064930d28ecf1ce3397b14574d514d2","reference_id":"50bf8d4d3064930d28ecf1ce3397b14574d514d2","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/commit/50bf8d4d3064930d28ecf1ce3397b14574d514d2"},{"reference_url":"https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8","reference_id":"7a0090325bfa9d778a39ae5f7d0a98109e4651c8","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8"},{"reference_url":"https://github.com/asterisk/asterisk/commit/a15050650abf09c10a3c135fab148220cd41d3a0","reference_id":"a15050650abf09c10a3c135fab148220cd41d3a0","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/commit/a15050650abf09c10a3c135fab148220cd41d3a0"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9","reference_id":"GHSA-v428-g3cw-7hv9","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T18:48:24Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2024-42491"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19pf-yqxu-4ua8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/166582?format=json","vulnerability_id":"VCID-26cq-wj3k-fqb9","summary":"An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42706","reference_id":"","reference_type":"","scores":[{"value":"0.0081","scoring_system":"epss","scoring_elements":"0.74664","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0081","scoring_system":"epss","scoring_elements":"0.74745","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0081","scoring_system":"epss","scoring_elements":"0.74748","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0081","scoring_system":"epss","scoring_elements":"0.74735","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://downloads.asterisk.org/pub/security/AST-2022-009.html","reference_id":"AST-2022-009.html","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/"}],"url":"https://downloads.asterisk.org/pub/security/AST-2022-009.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5358","reference_id":"dsa-5358","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/"}],"url":"https://www.debian.org/security/2023/dsa-5358"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:23:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-42706"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26cq-wj3k-fqb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164013?format=json","vulnerability_id":"VCID-285z-mgz1-q7cd","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23537","reference_id":"","reference_type":"","scores":[{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62481","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62589","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62595","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00422","scoring_system":"epss","scoring_elements":"0.62582","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092","reference_id":"1032092","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092"},{"reference_url":"https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1","reference_id":"d8440f4d711a654b511f50f79c0445b26f9dd1e1","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:52:00Z/"}],"url":"https://github.com/pjsip/pjproject/commit/d8440f4d711a654b511f50f79c0445b26f9dd1e1"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w","reference_id":"GHSA-9pfh-r8x4-w26w","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:52:00Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:52:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-23537"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-285z-mgz1-q7cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175996?format=json","vulnerability_id":"VCID-3azv-xr5c-ckcf","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43845","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52366","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52494","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52507","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5249","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43845"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3azv-xr5c-ckcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175995?format=json","vulnerability_id":"VCID-41pk-9azt-hqdx","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43804","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53748","published_at":"2026-06-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53874","published_at":"2026-06-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53891","published_at":"2026-06-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53877","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43804"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41pk-9azt-hqdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175999?format=json","vulnerability_id":"VCID-4ty4-xrdd-2kee","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39269","reference_id":"","reference_type":"","scores":[{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.37981","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38157","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38183","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3817","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092","reference_id":"1032092","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-39269"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty4-xrdd-2kee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173353?format=json","vulnerability_id":"VCID-546z-qwur-13h1","summary":"PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record `parse_rr()`, while the issue in CVE-2023-27585 is in `parse_query()`. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver instead.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24793","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65227","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65229","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65218","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65118","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976","reference_id":"1014976","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a","reference_id":"9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4","reference_id":"GHSA-p6g5-v97c-w5q4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html","reference_id":"msg00047.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-24793"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-546z-qwur-13h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206930?format=json","vulnerability_id":"VCID-591f-657m-77d7","summary":"res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15297","reference_id":"","reference_type":"","scores":[{"value":"0.02861","scoring_system":"epss","scoring_elements":"0.86566","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02861","scoring_system":"epss","scoring_elements":"0.86616","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02861","scoring_system":"epss","scoring_elements":"0.86626","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02861","scoring_system":"epss","scoring_elements":"0.86623","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060","reference_id":"940060","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2019-15297"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-591f-657m-77d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179038?format=json","vulnerability_id":"VCID-5sjg-t3ja-57be","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26498","reference_id":"","reference_type":"","scores":[{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.7754","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77609","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77623","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01011","scoring_system":"epss","scoring_elements":"0.77615","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-26498"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5sjg-t3ja-57be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207060?format=json","vulnerability_id":"VCID-62p4-jvnj-8kfc","summary":"An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18790","reference_id":"","reference_type":"","scores":[{"value":"0.07372","scoring_system":"epss","scoring_elements":"0.91905","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07372","scoring_system":"epss","scoring_elements":"0.91932","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07372","scoring_system":"epss","scoring_elements":"0.9194","published_at":"2026-06-13T12:55:00Z"},{"value":"0.07372","scoring_system":"epss","scoring_elements":"0.91937","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18790"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947381","reference_id":"947381","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947381"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2019-18790"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-62p4-jvnj-8kfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/169856?format=json","vulnerability_id":"VCID-6443-b986-kfb6","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21723","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6495","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.65059","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.65061","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.6505","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://github.com/pjsip/pjproject/commit/077b465c33f0aec05a49cd2ca456f9a1b112e896","reference_id":"077b465c33f0aec05a49cd2ca456f9a1b112e896","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://github.com/pjsip/pjproject/commit/077b465c33f0aec05a49cd2ca456f9a1b112e896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Mar/2","reference_id":"2","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Mar/2"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html","reference_id":"Asterisk-Project-Security-Advisory-AST-2022-006.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-7fw8-54cv-r7pm","reference_id":"GHSA-7fw8-54cv-r7pm","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-7fw8-54cv-r7pm"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-21723"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6443-b986-kfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179037?format=json","vulnerability_id":"VCID-6be8-mh9n-abhd","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32558","reference_id":"","reference_type":"","scores":[{"value":"0.02875","scoring_system":"epss","scoring_elements":"0.86593","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02875","scoring_system":"epss","scoring_elements":"0.86642","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02875","scoring_system":"epss","scoring_elements":"0.86652","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02875","scoring_system":"epss","scoring_elements":"0.86649","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991710","reference_id":"991710","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991710"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-32558"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6be8-mh9n-abhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40939?format=json","vulnerability_id":"VCID-6uaq-9f5x-pyff","summary":"Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42365","reference_id":"","reference_type":"","scores":[{"value":"0.3195","scoring_system":"epss","scoring_elements":"0.96939","published_at":"2026-06-12T12:55:00Z"},{"value":"0.3195","scoring_system":"epss","scoring_elements":"0.96943","published_at":"2026-06-14T12:55:00Z"},{"value":"0.3195","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-06-11T12:55:00Z"},{"value":"0.3195","scoring_system":"epss","scoring_elements":"0.96942","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42365"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078574","reference_id":"1078574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078574"},{"reference_url":"https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4","reference_id":"42a2f4ccfa2c7062a15063e765916b3332e34cc4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4"},{"reference_url":"https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8","reference_id":"7a0090325bfa9d778a39ae5f7d0a98109e4651c8","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8"},{"reference_url":"https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71","reference_id":"b4063bf756272254b160b6d1bd6e9a3f8e16cc71","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71"},{"reference_url":"https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993","reference_id":"bbe68db10ab8a80c29db383e4dfe14f6eafaf993","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993"},{"reference_url":"https://github.com/asterisk/asterisk/commit/faddd99f2b9408b524e5eb8a01589fe1fa282df2","reference_id":"faddd99f2b9408b524e5eb8a01589fe1fa282df2","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/commit/faddd99f2b9408b524e5eb8a01589fe1fa282df2"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44","reference_id":"GHSA-c4cg-9275-6w44","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44"},{"reference_url":"https://github.com/asterisk/asterisk/blob/14367caaf7241df1eceea7c45c5b261989c2c6db/main/manager.c#L6426","reference_id":"manager.c#L6426","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/blob/14367caaf7241df1eceea7c45c5b261989c2c6db/main/manager.c#L6426"},{"reference_url":"https://github.com/asterisk/asterisk/blob/7d28165cb1b2d02d66e8693bd3fe23ee72fc55d8/main/manager.c#L6426","reference_id":"manager.c#L6426","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T16:38:45Z/"}],"url":"https://github.com/asterisk/asterisk/blob/7d28165cb1b2d02d66e8693bd3fe23ee72fc55d8/main/manager.c#L6426"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2024-42365"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uaq-9f5x-pyff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207980?format=json","vulnerability_id":"VCID-7ah9-w27g-ckg6","summary":"An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is received that contains a tel-uri in the Diversion header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35652","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36692","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36871","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36899","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36885","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35652"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979372","reference_id":"979372","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979372"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2020-35652"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ah9-w27g-ckg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208866?format=json","vulnerability_id":"VCID-82hr-cs3x-fqg9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43302","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55522","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55642","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55656","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55643","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43302"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82hr-cs3x-fqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206787?format=json","vulnerability_id":"VCID-966j-625d-6fa9","summary":"An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13161","reference_id":"","reference_type":"","scores":[{"value":"0.02222","scoring_system":"epss","scoring_elements":"0.84914","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02222","scoring_system":"epss","scoring_elements":"0.84922","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02307","scoring_system":"epss","scoring_elements":"0.85105","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981","reference_id":"931981","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2019-13161"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-966j-625d-6fa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179039?format=json","vulnerability_id":"VCID-a151-bk88-hfhq","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26499","reference_id":"","reference_type":"","scores":[{"value":"0.01464","scoring_system":"epss","scoring_elements":"0.813","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01464","scoring_system":"epss","scoring_elements":"0.8136","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01464","scoring_system":"epss","scoring_elements":"0.81368","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-26499"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a151-bk88-hfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179034?format=json","vulnerability_id":"VCID-aas9-5n54-c7cn","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26717","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62454","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62555","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62567","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62562","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26717"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983157","reference_id":"983157","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983157"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-26717"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aas9-5n54-c7cn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163806?format=json","vulnerability_id":"VCID-avkx-5as3-jbar","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23608","reference_id":"","reference_type":"","scores":[{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.74202","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.74287","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.74289","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00784","scoring_system":"epss","scoring_elements":"0.74277","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Mar/1","reference_id":"1","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Mar/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html","reference_id":"Asterisk-Project-Security-Advisory-AST-2022-005.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html"},{"reference_url":"https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f","reference_id":"db3235953baa56d2fb0e276ca510fefca751643f","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62","reference_id":"GHSA-ffff-m5fm-qm62","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html","reference_id":"msg00040.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-23608"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avkx-5as3-jbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44537?format=json","vulnerability_id":"VCID-b4uk-43sc-fbch","summary":"An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53566","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21294","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21119","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21301","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21315","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53566"},{"reference_url":"https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616","reference_id":"e7c0f44ffb38c00320aa1a6d98bee616","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:37:51Z/"}],"url":"https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616"},{"reference_url":"https://github.com/asterisk/asterisk/blob/22/main/manager.c#L2556","reference_id":"manager.c#L2556","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:37:51Z/"}],"url":"https://github.com/asterisk/asterisk/blob/22/main/manager.c#L2556"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2024-53566"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4uk-43sc-fbch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208990?format=json","vulnerability_id":"VCID-b6ga-bw58-sbcz","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46837","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32551","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32733","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32754","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32731","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018073","reference_id":"1018073","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-46837"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ga-bw58-sbcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179040?format=json","vulnerability_id":"VCID-bh6w-tmrd-w7eb","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26651","reference_id":"","reference_type":"","scores":[{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73709","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73784","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.738","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73799","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-26651"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bh6w-tmrd-w7eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/145570?format=json","vulnerability_id":"VCID-bpvn-c1qp-6fdj","summary":"PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27585","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67973","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.6807","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.68074","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.68061","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27585"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036697","reference_id":"1036697","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036697"},{"reference_url":"https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5","reference_id":"d1c5e4da5bae7f220bc30719888bb389c905c0c5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://github.com/pjsip/pjproject/commit/d1c5e4da5bae7f220bc30719888bb389c905c0c5"},{"reference_url":"https://www.debian.org/security/2023/dsa-5438","reference_id":"dsa-5438","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://www.debian.org/security/2023/dsa-5438"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4","reference_id":"GHSA-p6g5-v97c-w5q4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr","reference_id":"GHSA-q9cp-8wcq-7pfr","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr"},{"reference_url":"https://security.gentoo.org/glsa/202409-05","reference_id":"GLSA-202409-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-05"},{"reference_url":"https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm","reference_id":"group__PJ__DNS__RESOLVER.htm","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:31:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/6422-2/","reference_id":"USN-6422-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2023-27585"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpvn-c1qp-6fdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179042?format=json","vulnerability_id":"VCID-csms-stcf-dkf4","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49294","reference_id":"","reference_type":"","scores":[{"value":"0.17085","scoring_system":"epss","scoring_elements":"0.95146","published_at":"2026-06-11T12:55:00Z"},{"value":"0.17085","scoring_system":"epss","scoring_elements":"0.95162","published_at":"2026-06-12T12:55:00Z"},{"value":"0.17085","scoring_system":"epss","scoring_elements":"0.95164","published_at":"2026-06-13T12:55:00Z"},{"value":"0.17085","scoring_system":"epss","scoring_elements":"0.95165","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059032","reference_id":"1059032","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059032"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075645?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-hgs7-nnt2-jbgj"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4"}],"aliases":["CVE-2023-49294"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csms-stcf-dkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175997?format=json","vulnerability_id":"VCID-d5bd-s7g5-fufn","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24763","reference_id":"","reference_type":"","scores":[{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80833","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80893","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80904","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80895","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976","reference_id":"1014976","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-24763"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5bd-s7g5-fufn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167946?format=json","vulnerability_id":"VCID-emwd-gd9k-mygd","summary":"In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37325","reference_id":"","reference_type":"","scores":[{"value":"0.0068","scoring_system":"epss","scoring_elements":"0.72079","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0068","scoring_system":"epss","scoring_elements":"0.72172","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0068","scoring_system":"epss","scoring_elements":"0.72176","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0068","scoring_system":"epss","scoring_elements":"0.72164","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://downloads.asterisk.org/pub/security/AST-2022-007.html","reference_id":"AST-2022-007.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/"}],"url":"https://downloads.asterisk.org/pub/security/AST-2022-007.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5358","reference_id":"dsa-5358","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/"}],"url":"https://www.debian.org/security/2023/dsa-5358"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:38:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-37325"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emwd-gd9k-mygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/120009?format=json","vulnerability_id":"VCID-g5a4-b3bm-2ucb","summary":"Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE (RFC 3428) authentication do not get proper alignment. An authenticated attacker can spoof any user identity to send spam messages to the user with their authorization token. Abuse of this security issue allows authenticated attackers to send fake chat messages can be spoofed to appear to come from trusted entities. Even administrators who follow Security best practices and Security Considerations can be impacted. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47779","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51771","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51644","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51773","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51785","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47779"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106528","reference_id":"1106528","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106528"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw","reference_id":"GHSA-2grh-7mhv-fcfw","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-22T17:25:58Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw"},{"reference_url":"https://github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample","reference_id":"pjsip.conf.sample","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-22T17:25:58Z/"}],"url":"https://github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2025-47779"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5a4-b3bm-2ucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66988?format=json","vulnerability_id":"VCID-h8bb-7n23-cfak","summary":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/control values for Cookies and any GET variable query Parameter are directly interpolated into the HTML of the page using ast_str_append. The endpoint at GET /httpstatus is the potential vulnerable endpoint relating to asterisk/main /http.c. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23738","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22636","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22832","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22845","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22824","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23738"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438","reference_id":"1127438","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v6hp-wh3r-cwxh","reference_id":"GHSA-v6hp-wh3r-cwxh","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-06T17:43:40Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v6hp-wh3r-cwxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2026-23738"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8bb-7n23-cfak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175993?format=json","vulnerability_id":"VCID-js7f-w44p-rbgh","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32686","reference_id":"","reference_type":"","scores":[{"value":"0.01675","scoring_system":"epss","scoring_elements":"0.82559","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01675","scoring_system":"epss","scoring_elements":"0.82621","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01675","scoring_system":"epss","scoring_elements":"0.82628","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01675","scoring_system":"epss","scoring_elements":"0.82623","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32686"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991931","reference_id":"991931","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991931"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-32686"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js7f-w44p-rbgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/132990?format=json","vulnerability_id":"VCID-k99k-99mz-8uc5","summary":"Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable Asterisk servers for calls that rely on DTLS-SRTP. Commit d7d7764cb07c8a1872804321302ef93bf62cba05 contains a fix, which is part of versions 18.20.1, 20.5.1, 21.0.1, amd 18.9-cert6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49786","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23188","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23002","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23199","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2321","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059033","reference_id":"1059033","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059033"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Dec/24","reference_id":"24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Dec/24"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/15/7","reference_id":"7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/15/7"},{"reference_url":"http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html","reference_id":"Asterisk-20.1.0-Denial-Of-Service.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html"},{"reference_url":"https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05","reference_id":"d7d7764cb07c8a1872804321302ef93bf62cba05","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05"},{"reference_url":"https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race","reference_id":"ES2023-01-asterisk-dtls-hello-race","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq","reference_id":"GHSA-hxj9-xwr8-w8pq","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T14:19:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075645?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-hgs7-nnt2-jbgj"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4"}],"aliases":["CVE-2023-49786"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k99k-99mz-8uc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208863?format=json","vulnerability_id":"VCID-m6wj-knxg-5ybg","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43299","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59707","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59815","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59827","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59818","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43299"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6wj-knxg-5ybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208864?format=json","vulnerability_id":"VCID-marj-g3q8-3fdt","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43300","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62862","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62964","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62976","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62972","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43300"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-marj-g3q8-3fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/115896?format=json","vulnerability_id":"VCID-mks4-6gne-xker","summary":"A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolkit package. When Asterisk is started via this script (common in SysV init or FreePBX environments), it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating ownership or permissions.\n\n\nNon-root users with legitimate write access to /etc/asterisk can exploit this behaviour by placing malicious scripts in the startup.d directory, which will then execute with root privileges upon service restart.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1131","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20228","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20403","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20425","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20402","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1131"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v9q8-9j8m-5xwp","reference_id":"GHSA-v9q8-9j8m-5xwp","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/V:C/RE:H/U:Amber"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-24T03:55:15Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-v9q8-9j8m-5xwp"},{"reference_url":"https://security.gentoo.org/glsa/202601-04","reference_id":"GLSA-202601-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202601-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2025-1131"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mks4-6gne-xker"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168286?format=json","vulnerability_id":"VCID-mmg1-2mu6-tyey","summary":"PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched and is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade. There are no known workarounds for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39244","reference_id":"","reference_type":"","scores":[{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55882","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.56004","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.56018","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.56002","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae","reference_id":"c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae"},{"reference_url":"https://www.debian.org/security/2023/dsa-5358","reference_id":"dsa-5358","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://www.debian.org/security/2023/dsa-5358"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj","reference_id":"GHSA-fq45-m3f7-3mhj","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-39244"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmg1-2mu6-tyey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87918?format=json","vulnerability_id":"VCID-mspu-bd2w-7qdw","summary":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54995","reference_id":"","reference_type":"","scores":[{"value":"0.01327","scoring_system":"epss","scoring_elements":"0.80413","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01416","scoring_system":"epss","scoring_elements":"0.81053","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01416","scoring_system":"epss","scoring_elements":"0.81044","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01416","scoring_system":"epss","scoring_elements":"0.80984","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54995"},{"reference_url":"https://github.com/asterisk/asterisk/commit/0278f5bde14565c6838a6ec39bc21aee0cde56a9","reference_id":"0278f5bde14565c6838a6ec39bc21aee0cde56a9","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T18:53:35Z/"}],"url":"https://github.com/asterisk/asterisk/commit/0278f5bde14565c6838a6ec39bc21aee0cde56a9"},{"reference_url":"https://github.com/asterisk/asterisk/pull/1405","reference_id":"1405","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T18:53:35Z/"}],"url":"https://github.com/asterisk/asterisk/pull/1405"},{"reference_url":"https://github.com/asterisk/asterisk/pull/1406","reference_id":"1406","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T18:53:35Z/"}],"url":"https://github.com/asterisk/asterisk/pull/1406"},{"reference_url":"https://github.com/asterisk/asterisk/commit/eafcd7a451dcd007dddf324ac37dd55a4808338d","reference_id":"eafcd7a451dcd007dddf324ac37dd55a4808338d","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T18:53:35Z/"}],"url":"https://github.com/asterisk/asterisk/commit/eafcd7a451dcd007dddf324ac37dd55a4808338d"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-557q-795j-wfx2","reference_id":"GHSA-557q-795j-wfx2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-28T18:53:35Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-557q-795j-wfx2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2025-54995"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mspu-bd2w-7qdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175998?format=json","vulnerability_id":"VCID-mssd-d438-7yga","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24786","reference_id":"","reference_type":"","scores":[{"value":"0.00738","scoring_system":"epss","scoring_elements":"0.73314","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00738","scoring_system":"epss","scoring_elements":"0.73391","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00738","scoring_system":"epss","scoring_elements":"0.73406","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00738","scoring_system":"epss","scoring_elements":"0.73404","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976","reference_id":"1014976","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-24786"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mssd-d438-7yga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167213?format=json","vulnerability_id":"VCID-nt4b-2zg8-gya2","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media config in PJSUA/PJSUA2 level, or directly using `pjlib-util/stun_simple` API. A patch is available in commit 450baca which should be included in the next release. There are no known workarounds for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31031","reference_id":"","reference_type":"","scores":[{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72955","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.73046","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.73048","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.73033","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004","reference_id":"1017004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005","reference_id":"1017005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202","reference_id":"450baca94f475345542c6953832650c390889202","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202"},{"reference_url":"https://www.debian.org/security/2023/dsa-5358","reference_id":"dsa-5358","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://www.debian.org/security/2023/dsa-5358"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj","reference_id":"GHSA-26j7-ww69-c4qj","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-31031"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nt4b-2zg8-gya2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173386?format=json","vulnerability_id":"VCID-nuyk-gtnh-t3g2","summary":"PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` should not be affected. A patch is available on the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24764","reference_id":"","reference_type":"","scores":[{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81575","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81645","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81636","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976","reference_id":"1014976","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00","reference_id":"560a1346f87aabe126509bb24930106dea292b00","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-f5qg-pqcg-765m","reference_id":"GHSA-f5qg-pqcg-765m","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-f5qg-pqcg-765m"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-24764"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuyk-gtnh-t3g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208865?format=json","vulnerability_id":"VCID-nvcm-fd6a-nkbg","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43301","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62862","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62964","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62976","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62972","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43301"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvcm-fd6a-nkbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/131886?format=json","vulnerability_id":"VCID-r429-bk4p-g3er","summary":"PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked upon a lower level media transport such as UDP and ICE. Currently a higher level transport is not synchronized with its lower level transport that may introduce use-after-free issue. This vulnerability affects applications that have SRTP capability (`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other than UDP. This vulnerability’s impact may range from unexpected application termination to control flow hijack/memory corruption. The patch is available as a commit in the master branch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38703","reference_id":"","reference_type":"","scores":[{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51757","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51884","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51887","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059303","reference_id":"1059303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059303"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059307","reference_id":"1059307","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059307"},{"reference_url":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d","reference_id":"6dc9b8c181aff39845f02b4626e0812820d4ef0d","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-19T18:46:16Z/"}],"url":"https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66","reference_id":"GHSA-f76w-fh7c-pc66","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-19T18:46:16Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-19T18:46:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075645?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-hgs7-nnt2-jbgj"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4"}],"aliases":["CVE-2023-38703"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r429-bk4p-g3er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119923?format=json","vulnerability_id":"VCID-rbr5-7fna-q3f6","summary":"Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring `cli_permissions.conf` (e.g. with the config line `deny=!*`) does not work which could lead to a security risk. If an administrator running an Asterisk instance relies on the `cli_permissions.conf` file to work and expects it to deny all attempts to execute shell commands, then this could lead to a security vulnerability. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47780","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.6423","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64332","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64345","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64341","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47780"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106530","reference_id":"1106530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106530"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-c7p6-7mvq-8jq2","reference_id":"GHSA-c7p6-7mvq-8jq2","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T17:24:44Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-c7p6-7mvq-8jq2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2025-47780"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbr5-7fna-q3f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175994?format=json","vulnerability_id":"VCID-tux5-7r7x-2kdf","summary":"Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37706","reference_id":"","reference_type":"","scores":[{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66644","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66736","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.6675","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00505","scoring_system":"epss","scoring_elements":"0.66749","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/6422-2/","reference_id":"USN-6422-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-2/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-37706"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tux5-7r7x-2kdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66837?format=json","vulnerability_id":"VCID-u654-2myp-67e8","summary":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the ast_xml_open() function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing. Specifically, it invokes xmlReadFile() with the XML_PARSE_NOENT flag and later processes XIncludes via xmlXIncludeProcess().If any untrusted or user-supplied XML file is passed to this function, it can allow an attacker to trigger XML External Entity (XXE) or XInclude-based local file disclosure, potentially exposing sensitive files from the host system. This can also be triggered in other cases in which the user is able to supply input in xml format that triggers the asterisk process to parse it. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23739.json","reference_id":"","reference_type":"","scores":[{"value":"2.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23739","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22571","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22766","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22779","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22759","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23739"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438","reference_id":"1127438","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437909","reference_id":"2437909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437909"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-85x7-54wr-vh42","reference_id":"GHSA-85x7-54wr-vh42","reference_type":"","scores":[{"value":"2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-06T17:36:34Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-85x7-54wr-vh42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2026-23739"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u654-2myp-67e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179030?format=json","vulnerability_id":"VCID-uu3k-v1gc-x7f8","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35776","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24629","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24828","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24841","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24825","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35776"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983158","reference_id":"983158","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983158"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2020-35776"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uu3k-v1gc-x7f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66865?format=json","vulnerability_id":"VCID-vvt7-cetm-4ydt","summary":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Due to the /etc/asterisk/ast_debug_tools.conf file following bash semantics and it being loaded; an attacker with write permissions may add or modify the file such that when the root ast_coredumper is run; it would source and thereby execute arbitrary bash code found in the /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23741","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17386","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1755","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17567","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1754","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438","reference_id":"1127438","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3","reference_id":"GHSA-rvch-3jmx-3jf3","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-06T17:22:49Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2026-23741"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vvt7-cetm-4ydt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207057?format=json","vulnerability_id":"VCID-wcrz-h8xd-cbez","summary":"An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18610","reference_id":"","reference_type":"","scores":[{"value":"0.41746","scoring_system":"epss","scoring_elements":"0.97511","published_at":"2026-06-11T12:55:00Z"},{"value":"0.41746","scoring_system":"epss","scoring_elements":"0.9752","published_at":"2026-06-12T12:55:00Z"},{"value":"0.41746","scoring_system":"epss","scoring_elements":"0.97522","published_at":"2026-06-13T12:55:00Z"},{"value":"0.41746","scoring_system":"epss","scoring_elements":"0.97523","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18610"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18610","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18610"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947377","reference_id":"947377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2019-18610"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcrz-h8xd-cbez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206760?format=json","vulnerability_id":"VCID-x29s-dc4y-jyf5","summary":"Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12827","reference_id":"","reference_type":"","scores":[{"value":"0.18415","scoring_system":"epss","scoring_elements":"0.95384","published_at":"2026-06-11T12:55:00Z"},{"value":"0.18415","scoring_system":"epss","scoring_elements":"0.95398","published_at":"2026-06-12T12:55:00Z"},{"value":"0.18415","scoring_system":"epss","scoring_elements":"0.95403","published_at":"2026-06-13T12:55:00Z"},{"value":"0.18415","scoring_system":"epss","scoring_elements":"0.95405","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980","reference_id":"931980","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2019-12827"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x29s-dc4y-jyf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173271?format=json","vulnerability_id":"VCID-x9x1-xcqa-5qdw","summary":"PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length greater than 31-bit integers. The vulnerability does not affect 64-bit apps and should not affect apps that only plays trusted WAV files. A patch is available on the `master` branch of the `pjsip/project` GitHub repository. As a workaround, apps can reject a WAV file received from an unknown source or validate the file first.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24792","reference_id":"","reference_type":"","scores":[{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.82183","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.82248","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.82254","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01612","scoring_system":"epss","scoring_elements":"0.82245","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976","reference_id":"1014976","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014976"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/947bc1ee6d05be10204b918df75a503415fd3213","reference_id":"947bc1ee6d05be10204b918df75a503415fd3213","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://github.com/pjsip/pjproject/commit/947bc1ee6d05be10204b918df75a503415fd3213"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-rwgw-vwxg-q799","reference_id":"GHSA-rwgw-vwxg-q799","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-rwgw-vwxg-q799"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html","reference_id":"msg00047.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:55:19Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-24792"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9x1-xcqa-5qdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/166275?format=json","vulnerability_id":"VCID-xb6q-6m1c-5yfj","summary":"A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42705","reference_id":"","reference_type":"","scores":[{"value":"0.01516","scoring_system":"epss","scoring_elements":"0.81627","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01516","scoring_system":"epss","scoring_elements":"0.81688","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01516","scoring_system":"epss","scoring_elements":"0.81696","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01516","scoring_system":"epss","scoring_elements":"0.81687","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://downloads.asterisk.org/pub/security/AST-2022-008.html","reference_id":"AST-2022-008.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:25:02Z/"}],"url":"https://downloads.asterisk.org/pub/security/AST-2022-008.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5358","reference_id":"dsa-5358","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:25:02Z/"}],"url":"https://www.debian.org/security/2023/dsa-5358"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html","reference_id":"msg00029.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T14:25:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-42705"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xb6q-6m1c-5yfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179041?format=json","vulnerability_id":"VCID-xtjr-uufd-wqc8","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37457","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22362","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22555","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22568","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2255","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059303","reference_id":"1059303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059303"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075645?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-hgs7-nnt2-jbgj"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u4"}],"aliases":["CVE-2023-37457"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtjr-uufd-wqc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66921?format=json","vulnerability_id":"VCID-xx9n-5x9g-9fdd","summary":"Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when ast_coredumper writes its gdb init and output files to a directory that is world-writable (for example /tmp), an attacker with write permission(which is all users on a linux system) to that directory can cause root to execute arbitrary commands or overwrite arbitrary files by controlling the gdb init file and output paths. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23740.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23740","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06237","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06245","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06267","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06255","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23740"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438","reference_id":"1127438","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437723","reference_id":"2437723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437723"},{"reference_url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-xpc6-x892-v83c","reference_id":"GHSA-xpc6-x892-v83c","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-06T19:11:52Z/"}],"url":"https://github.com/asterisk/asterisk/security/advisories/GHSA-xpc6-x892-v83c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075646?format=json","purl":"pkg:deb/debian/asterisk@1:22.9.0%2Bdfsg%2B~cs6.16.60671434-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:22.9.0%252Bdfsg%252B~cs6.16.60671434-1"}],"aliases":["CVE-2026-23740"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xx9n-5x9g-9fdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163881?format=json","vulnerability_id":"VCID-xzgv-h1e1-2fhm","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23547","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63966","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64079","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64082","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64069","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092","reference_id":"1032092","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092"},{"reference_url":"https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36","reference_id":"bc4812d31a67d5e2f973fbfaf950d6118226cf36","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/"}],"url":"https://github.com/pjsip/pjproject/commit/bc4812d31a67d5e2f973fbfaf950d6118226cf36"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w","reference_id":"GHSA-9pfh-r8x4-w26w","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-9pfh-r8x4-w26w"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr","reference_id":"GHSA-cxwq-5g9x-x7fr","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-cxwq-5g9x-x7fr"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T03:11:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-23547"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzgv-h1e1-2fhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179035?format=json","vulnerability_id":"VCID-year-eh79-qfc2","summary":"Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26906","reference_id":"","reference_type":"","scores":[{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74668","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74739","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74752","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74749","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983159","reference_id":"983159","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983159"},{"reference_url":"https://security.gentoo.org/glsa/202412-03","reference_id":"GLSA-202412-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-26906"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-year-eh79-qfc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/169944?format=json","vulnerability_id":"VCID-yqr3-7hk1-zfad","summary":"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the `master` branch. There are no known workarounds.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21722","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.6462","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64731","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64735","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64723","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://security.gentoo.org/glsa/202210-37","reference_id":"202210-37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://security.gentoo.org/glsa/202210-37"},{"reference_url":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a","reference_id":"22af44e68a0c7d190ac1e25075e1382f77e9397a","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://github.com/pjsip/pjproject/commit/22af44e68a0c7d190ac1e25075e1382f77e9397a"},{"reference_url":"https://www.debian.org/security/2022/dsa-5285","reference_id":"dsa-5285","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://www.debian.org/security/2022/dsa-5285"},{"reference_url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-m66q-q64c-hv36","reference_id":"GHSA-m66q-q64c-hv36","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://github.com/pjsip/pjproject/security/advisories/GHSA-m66q-q64c-hv36"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html","reference_id":"msg00038.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2022-21722"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqr3-7hk1-zfad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208867?format=json","vulnerability_id":"VCID-z7pf-n9uf-7ff3","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43303","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62862","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62964","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62976","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62972","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998","reference_id":"1014998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014998"},{"reference_url":"https://usn.ubuntu.com/6422-1/","reference_id":"USN-6422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6422-1/"},{"reference_url":"https://usn.ubuntu.com/8122-1/","reference_id":"USN-8122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2021-43303"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7pf-n9uf-7ff3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207953?format=json","vulnerability_id":"VCID-zbbe-qnd8-4yau","summary":"A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28327","reference_id":"","reference_type":"","scores":[{"value":"0.02188","scoring_system":"epss","scoring_elements":"0.84741","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02188","scoring_system":"epss","scoring_elements":"0.84794","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02188","scoring_system":"epss","scoring_elements":"0.84803","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02188","scoring_system":"epss","scoring_elements":"0.84795","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28327"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974712","reference_id":"974712","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974712"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2020-28327"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbbe-qnd8-4yau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207951?format=json","vulnerability_id":"VCID-zwsy-26a5-tudy","summary":"An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28242","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61578","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61681","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61689","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61685","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28242"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974713","reference_id":"974713","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974713"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1080406?format=json","purl":"pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.28.0~dfsg-0%252Bdeb11u3"}],"aliases":["CVE-2020-28242"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwsy-26a5-tudy"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176635?format=json","vulnerability_id":"VCID-1j6s-5929-jba5","summary":"Multiple vulnerabilities have been found in Asterisk, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16672","reference_id":"","reference_type":"","scores":[{"value":"0.05269","scoring_system":"epss","scoring_elements":"0.90211","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05269","scoring_system":"epss","scoring_elements":"0.90241","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05269","scoring_system":"epss","scoring_elements":"0.9025","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05269","scoring_system":"epss","scoring_elements":"0.90248","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16672"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881256","reference_id":"881256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881256"},{"reference_url":"https://security.gentoo.org/glsa/201811-11","reference_id":"GLSA-201811-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-16672"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j6s-5929-jba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204998?format=json","vulnerability_id":"VCID-2yhz-4z7q-v3bj","summary":"A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17664","reference_id":"","reference_type":"","scores":[{"value":"0.01276","scoring_system":"epss","scoring_elements":"0.79967","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01276","scoring_system":"epss","scoring_elements":"0.80029","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01276","scoring_system":"epss","scoring_elements":"0.80047","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01276","scoring_system":"epss","scoring_elements":"0.80039","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17664"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884345","reference_id":"884345","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884345"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-17664"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2yhz-4z7q-v3bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176634?format=json","vulnerability_id":"VCID-3nmd-gfnx-zycc","summary":"Multiple vulnerabilities have been found in Asterisk, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16671","reference_id":"","reference_type":"","scores":[{"value":"0.03635","scoring_system":"epss","scoring_elements":"0.88103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03635","scoring_system":"epss","scoring_elements":"0.88143","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03635","scoring_system":"epss","scoring_elements":"0.88149","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03635","scoring_system":"epss","scoring_elements":"0.88148","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16671"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16671","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16671"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881257","reference_id":"881257","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881257"},{"reference_url":"https://security.gentoo.org/glsa/201811-11","reference_id":"GLSA-201811-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-11"},{"reference_url":"https://usn.ubuntu.com/USN-4814-1/","reference_id":"USN-USN-4814-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4814-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-16671"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nmd-gfnx-zycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175164?format=json","vulnerability_id":"VCID-4y87-mgkp-kug6","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12227","reference_id":"","reference_type":"","scores":[{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.78048","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.78116","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.78129","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0106","scoring_system":"epss","scoring_elements":"0.78124","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902954","reference_id":"902954","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902954"},{"reference_url":"https://security.gentoo.org/glsa/201811-11","reference_id":"GLSA-201811-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2018-12227"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4y87-mgkp-kug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175161?format=json","vulnerability_id":"VCID-5fnd-6j1g-v7dm","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7284","reference_id":"","reference_type":"","scores":[{"value":"0.65243","scoring_system":"epss","scoring_elements":"0.98506","published_at":"2026-06-11T12:55:00Z"},{"value":"0.65243","scoring_system":"epss","scoring_elements":"0.98511","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891227","reference_id":"891227","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891227"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44184.py","reference_id":"CVE-2018-7284","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44184.py"},{"reference_url":"https://raw.githubusercontent.com/EnableSecurity/advisories/master/ES2018-01-asterisk-pjsip-subscribe-stack-corruption/README.md","reference_id":"CVE-2018-7284","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/EnableSecurity/advisories/master/ES2018-01-asterisk-pjsip-subscribe-stack-corruption/README.md"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2018-7284"],"risk_score":1.2,"exploitability":"2.0","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fnd-6j1g-v7dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/167653?format=json","vulnerability_id":"VCID-7p8w-juvq-9qbp","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17090","reference_id":"","reference_type":"","scores":[{"value":"0.80582","scoring_system":"epss","scoring_elements":"0.9916","published_at":"2026-06-11T12:55:00Z"},{"value":"0.80582","scoring_system":"epss","scoring_elements":"0.99164","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17090"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17090","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17090"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883342","reference_id":"883342","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883342"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43992.py","reference_id":"CVE-2017-17090;AST-2017-01","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43992.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1073767?format=json","purl":"pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1c9k-f31b-u3gd"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2q7t-camu-gkhf"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-2zkw-u7gs-vyhc"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4jz1-8qyg-u3bb"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4vyf-p1f1-wkdq"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5r2x-a5bs-d3cy"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-91cc-3p28-tba7"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-dxyn-tsbx-qbc8"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-eeyn-yxuj-y7gh"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k4ya-8pmg-ayh8"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-ktbc-22t1-r3az"},{"vulnerability":"VCID-m15s-j2fj-4ua8"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-qxup-q7n9-xke7"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-rqwn-rfjf-sbf7"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-upap-7j5r-p7ch"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-v8ph-vrc7-7ue1"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-wx4r-avzg-kbgm"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zp67-1j8g-mufp"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%252Bdeb8u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-17090"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7p8w-juvq-9qbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175163?format=json","vulnerability_id":"VCID-9wph-ucaa-byam","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7286","reference_id":"","reference_type":"","scores":[{"value":"0.54632","scoring_system":"epss","scoring_elements":"0.98081","published_at":"2026-06-11T12:55:00Z"},{"value":"0.54632","scoring_system":"epss","scoring_elements":"0.98089","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891228","reference_id":"891228","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891228"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44181.py","reference_id":"CVE-2018-7286","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44181.py"},{"reference_url":"https://raw.githubusercontent.com/EnableSecurity/advisories/master/ES2018-04-asterisk-pjsip-tcp-segfault/README.md","reference_id":"CVE-2018-7286","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/EnableSecurity/advisories/master/ES2018-04-asterisk-pjsip-tcp-segfault/README.md"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2018-7286"],"risk_score":1.0,"exploitability":"2.0","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wph-ucaa-byam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207383?format=json","vulnerability_id":"VCID-cx52-9j5c-bqbp","summary":"An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7251","reference_id":"","reference_type":"","scores":[{"value":"0.04411","scoring_system":"epss","scoring_elements":"0.89259","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04411","scoring_system":"epss","scoring_elements":"0.89297","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04411","scoring_system":"epss","scoring_elements":"0.89305","published_at":"2026-06-13T12:55:00Z"},{"value":"0.04411","scoring_system":"epss","scoring_elements":"0.89304","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690","reference_id":"923690","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2019-7251"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cx52-9j5c-bqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163572?format=json","vulnerability_id":"VCID-e4t6-kskm-qffn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14100","reference_id":"","reference_type":"","scores":[{"value":"0.33558","scoring_system":"epss","scoring_elements":"0.97045","published_at":"2026-06-11T12:55:00Z"},{"value":"0.33558","scoring_system":"epss","scoring_elements":"0.97054","published_at":"2026-06-14T12:55:00Z"},{"value":"0.33558","scoring_system":"epss","scoring_elements":"0.97056","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14100"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14100","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873908","reference_id":"873908","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873908"},{"reference_url":"https://security.gentoo.org/glsa/201710-29","reference_id":"GLSA-201710-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1073767?format=json","purl":"pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1c9k-f31b-u3gd"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2q7t-camu-gkhf"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-2zkw-u7gs-vyhc"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4jz1-8qyg-u3bb"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4vyf-p1f1-wkdq"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5r2x-a5bs-d3cy"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-91cc-3p28-tba7"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-dxyn-tsbx-qbc8"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-eeyn-yxuj-y7gh"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k4ya-8pmg-ayh8"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-ktbc-22t1-r3az"},{"vulnerability":"VCID-m15s-j2fj-4ua8"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-qxup-q7n9-xke7"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-rqwn-rfjf-sbf7"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-upap-7j5r-p7ch"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-v8ph-vrc7-7ue1"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-wx4r-avzg-kbgm"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zp67-1j8g-mufp"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%252Bdeb8u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-14100"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4t6-kskm-qffn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163571?format=json","vulnerability_id":"VCID-ej13-hta7-xfa9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14099","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.5911","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59222","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59234","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59225","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14100","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873907","reference_id":"873907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873907"},{"reference_url":"https://security.gentoo.org/glsa/201710-29","reference_id":"GLSA-201710-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1073767?format=json","purl":"pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1c9k-f31b-u3gd"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2q7t-camu-gkhf"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-2zkw-u7gs-vyhc"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4jz1-8qyg-u3bb"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4vyf-p1f1-wkdq"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5r2x-a5bs-d3cy"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-91cc-3p28-tba7"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-dxyn-tsbx-qbc8"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-eeyn-yxuj-y7gh"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k4ya-8pmg-ayh8"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-ktbc-22t1-r3az"},{"vulnerability":"VCID-m15s-j2fj-4ua8"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-qxup-q7n9-xke7"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-rqwn-rfjf-sbf7"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-upap-7j5r-p7ch"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-v8ph-vrc7-7ue1"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-wx4r-avzg-kbgm"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zp67-1j8g-mufp"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%252Bdeb8u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-14099"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ej13-hta7-xfa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176636?format=json","vulnerability_id":"VCID-ew6x-wukn-wff1","summary":"Multiple vulnerabilities have been found in Asterisk, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17850","reference_id":"","reference_type":"","scores":[{"value":"0.29958","scoring_system":"epss","scoring_elements":"0.96769","published_at":"2026-06-11T12:55:00Z"},{"value":"0.29958","scoring_system":"epss","scoring_elements":"0.9678","published_at":"2026-06-13T12:55:00Z"},{"value":"0.29958","scoring_system":"epss","scoring_elements":"0.96782","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17850"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885072","reference_id":"885072","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885072"},{"reference_url":"https://security.gentoo.org/glsa/201811-11","reference_id":"GLSA-201811-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-17850"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ew6x-wukn-wff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207076?format=json","vulnerability_id":"VCID-m5j7-xrze-xqhb","summary":"An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18976","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37417","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37595","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37619","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37607","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2019-18976"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5j7-xrze-xqhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164374?format=json","vulnerability_id":"VCID-t3hz-688a-37g2","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14603","reference_id":"","reference_type":"","scores":[{"value":"0.00747","scoring_system":"epss","scoring_elements":"0.73523","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00747","scoring_system":"epss","scoring_elements":"0.73597","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00747","scoring_system":"epss","scoring_elements":"0.73612","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00747","scoring_system":"epss","scoring_elements":"0.7361","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14603"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876328","reference_id":"876328","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876328"},{"reference_url":"https://security.gentoo.org/glsa/201710-29","reference_id":"GLSA-201710-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1073767?format=json","purl":"pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%2Bdeb8u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1c9k-f31b-u3gd"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2q7t-camu-gkhf"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-2zkw-u7gs-vyhc"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4jz1-8qyg-u3bb"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4vyf-p1f1-wkdq"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5r2x-a5bs-d3cy"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-91cc-3p28-tba7"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-dxyn-tsbx-qbc8"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-eeyn-yxuj-y7gh"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k4ya-8pmg-ayh8"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-ktbc-22t1-r3az"},{"vulnerability":"VCID-m15s-j2fj-4ua8"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-qxup-q7n9-xke7"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-rqwn-rfjf-sbf7"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-upap-7j5r-p7ch"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-v8ph-vrc7-7ue1"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-wx4r-avzg-kbgm"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zp67-1j8g-mufp"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:11.13.1~dfsg-2%252Bdeb8u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-14603"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3hz-688a-37g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184253?format=json","vulnerability_id":"VCID-vc4h-7284-2qeb","summary":"Multiple vulnerabilities have been found in Asterisk, the worst of\n    which allows remote execution of arbitrary shell commands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14098","reference_id":"","reference_type":"","scores":[{"value":"0.40123","scoring_system":"epss","scoring_elements":"0.97431","published_at":"2026-06-11T12:55:00Z"},{"value":"0.40123","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-06-12T12:55:00Z"},{"value":"0.40123","scoring_system":"epss","scoring_elements":"0.97442","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14098"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873909","reference_id":"873909","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873909"},{"reference_url":"https://security.gentoo.org/glsa/201710-29","reference_id":"GLSA-201710-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2017-14098"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vc4h-7284-2qeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175165?format=json","vulnerability_id":"VCID-zze4-ps2w-4qh9","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17281","reference_id":"","reference_type":"","scores":[{"value":"0.80258","scoring_system":"epss","scoring_elements":"0.99143","published_at":"2026-06-11T12:55:00Z"},{"value":"0.80258","scoring_system":"epss","scoring_elements":"0.99146","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909554","reference_id":"909554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909554"},{"reference_url":"https://security.gentoo.org/glsa/201811-11","reference_id":"GLSA-201811-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076679?format=json","purl":"pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%2Bdeb9u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-1j6s-5929-jba5"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-2yhz-4z7q-v3bj"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-3nmd-gfnx-zycc"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-4y87-mgkp-kug6"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5fnd-6j1g-v7dm"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-7p8w-juvq-9qbp"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-9wph-ucaa-byam"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-cx52-9j5c-bqbp"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-e4t6-kskm-qffn"},{"vulnerability":"VCID-ej13-hta7-xfa9"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-ew6x-wukn-wff1"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m5j7-xrze-xqhb"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-t3hz-688a-37g2"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vc4h-7284-2qeb"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"},{"vulnerability":"VCID-zze4-ps2w-4qh9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:13.14.1~dfsg-2%252Bdeb9u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1079855?format=json","purl":"pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19pf-yqxu-4ua8"},{"vulnerability":"VCID-26cq-wj3k-fqb9"},{"vulnerability":"VCID-285z-mgz1-q7cd"},{"vulnerability":"VCID-3azv-xr5c-ckcf"},{"vulnerability":"VCID-41pk-9azt-hqdx"},{"vulnerability":"VCID-4ty4-xrdd-2kee"},{"vulnerability":"VCID-546z-qwur-13h1"},{"vulnerability":"VCID-591f-657m-77d7"},{"vulnerability":"VCID-5sjg-t3ja-57be"},{"vulnerability":"VCID-62p4-jvnj-8kfc"},{"vulnerability":"VCID-6443-b986-kfb6"},{"vulnerability":"VCID-6be8-mh9n-abhd"},{"vulnerability":"VCID-6uaq-9f5x-pyff"},{"vulnerability":"VCID-7ah9-w27g-ckg6"},{"vulnerability":"VCID-82hr-cs3x-fqg9"},{"vulnerability":"VCID-966j-625d-6fa9"},{"vulnerability":"VCID-a151-bk88-hfhq"},{"vulnerability":"VCID-aas9-5n54-c7cn"},{"vulnerability":"VCID-avkx-5as3-jbar"},{"vulnerability":"VCID-b4uk-43sc-fbch"},{"vulnerability":"VCID-b6ga-bw58-sbcz"},{"vulnerability":"VCID-bh6w-tmrd-w7eb"},{"vulnerability":"VCID-bpvn-c1qp-6fdj"},{"vulnerability":"VCID-csms-stcf-dkf4"},{"vulnerability":"VCID-d5bd-s7g5-fufn"},{"vulnerability":"VCID-emwd-gd9k-mygd"},{"vulnerability":"VCID-g5a4-b3bm-2ucb"},{"vulnerability":"VCID-h8bb-7n23-cfak"},{"vulnerability":"VCID-js7f-w44p-rbgh"},{"vulnerability":"VCID-k99k-99mz-8uc5"},{"vulnerability":"VCID-m6wj-knxg-5ybg"},{"vulnerability":"VCID-marj-g3q8-3fdt"},{"vulnerability":"VCID-mks4-6gne-xker"},{"vulnerability":"VCID-mmg1-2mu6-tyey"},{"vulnerability":"VCID-mspu-bd2w-7qdw"},{"vulnerability":"VCID-mssd-d438-7yga"},{"vulnerability":"VCID-nt4b-2zg8-gya2"},{"vulnerability":"VCID-nuyk-gtnh-t3g2"},{"vulnerability":"VCID-nvcm-fd6a-nkbg"},{"vulnerability":"VCID-r429-bk4p-g3er"},{"vulnerability":"VCID-rbr5-7fna-q3f6"},{"vulnerability":"VCID-tux5-7r7x-2kdf"},{"vulnerability":"VCID-u654-2myp-67e8"},{"vulnerability":"VCID-uu3k-v1gc-x7f8"},{"vulnerability":"VCID-vvt7-cetm-4ydt"},{"vulnerability":"VCID-wcrz-h8xd-cbez"},{"vulnerability":"VCID-x29s-dc4y-jyf5"},{"vulnerability":"VCID-x9x1-xcqa-5qdw"},{"vulnerability":"VCID-xb6q-6m1c-5yfj"},{"vulnerability":"VCID-xtjr-uufd-wqc8"},{"vulnerability":"VCID-xx9n-5x9g-9fdd"},{"vulnerability":"VCID-xzgv-h1e1-2fhm"},{"vulnerability":"VCID-year-eh79-qfc2"},{"vulnerability":"VCID-yqr3-7hk1-zfad"},{"vulnerability":"VCID-z7pf-n9uf-7ff3"},{"vulnerability":"VCID-zbbe-qnd8-4yau"},{"vulnerability":"VCID-zwsy-26a5-tudy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}],"aliases":["CVE-2018-17281"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zze4-ps2w-4qh9"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/asterisk@1:16.2.1~dfsg-1%252Bdeb10u2"}