Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
Typeapk
Namespacealpine
Namepjproject
Version2.13-r0
Qualifiers
arch aarch64
distroversion v3.22
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.13.1-r0
Latest_non_vulnerable_version2.14-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4ty4-xrdd-2kee
vulnerability_id VCID-4ty4-xrdd-2kee
summary Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39269
reference_id
reference_type
scores
0
value 0.0017
scoring_system epss
scoring_elements 0.37981
published_at 2026-06-11T12:55:00Z
1
value 0.0017
scoring_system epss
scoring_elements 0.38157
published_at 2026-06-12T12:55:00Z
2
value 0.0017
scoring_system epss
scoring_elements 0.38183
published_at 2026-06-13T12:55:00Z
3
value 0.0017
scoring_system epss
scoring_elements 0.3817
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39269
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092
reference_id 1032092
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032092
fixed_packages
0
url pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pjproject@2.13-r0%3Farch=aarch64&distroversion=v3.22&reponame=main
aliases CVE-2022-39269
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty4-xrdd-2kee
1
url VCID-mmg1-2mu6-tyey
vulnerability_id VCID-mmg1-2mu6-tyey
summary PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched and is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39244
reference_id
reference_type
scores
0
value 0.00325
scoring_system epss
scoring_elements 0.55882
published_at 2026-06-11T12:55:00Z
1
value 0.00325
scoring_system epss
scoring_elements 0.56004
published_at 2026-06-14T12:55:00Z
2
value 0.00325
scoring_system epss
scoring_elements 0.56018
published_at 2026-06-13T12:55:00Z
3
value 0.00325
scoring_system epss
scoring_elements 0.56002
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39244
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
9
reference_url https://security.gentoo.org/glsa/202210-37
reference_id 202210-37
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://security.gentoo.org/glsa/202210-37
10
reference_url https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae
reference_id c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae
11
reference_url https://www.debian.org/security/2023/dsa-5358
reference_id dsa-5358
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://www.debian.org/security/2023/dsa-5358
12
reference_url https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj
reference_id GHSA-fq45-m3f7-3mhj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://github.com/pjsip/pjproject/security/advisories/GHSA-fq45-m3f7-3mhj
13
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
14
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:48:20Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
15
reference_url https://usn.ubuntu.com/6422-1/
reference_id USN-6422-1
reference_type
scores
url https://usn.ubuntu.com/6422-1/
fixed_packages
0
url pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pjproject@2.13-r0%3Farch=aarch64&distroversion=v3.22&reponame=main
aliases CVE-2022-39244
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmg1-2mu6-tyey
2
url VCID-nt4b-2zg8-gya2
vulnerability_id VCID-nt4b-2zg8-gya2
summary PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their applications, either by: setting a STUN server in their account/media config in PJSUA/PJSUA2 level, or directly using `pjlib-util/stun_simple` API. A patch is available in commit 450baca which should be included in the next release. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31031
reference_id
reference_type
scores
0
value 0.00721
scoring_system epss
scoring_elements 0.72955
published_at 2026-06-11T12:55:00Z
1
value 0.00721
scoring_system epss
scoring_elements 0.73046
published_at 2026-06-14T12:55:00Z
2
value 0.00721
scoring_system epss
scoring_elements 0.73048
published_at 2026-06-13T12:55:00Z
3
value 0.00721
scoring_system epss
scoring_elements 0.73033
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31031
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23537
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23547
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31031
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37325
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39244
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39269
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42705
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42706
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004
reference_id 1017004
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017004
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005
reference_id 1017005
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017005
11
reference_url https://security.gentoo.org/glsa/202210-37
reference_id 202210-37
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://security.gentoo.org/glsa/202210-37
12
reference_url https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202
reference_id 450baca94f475345542c6953832650c390889202
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202
13
reference_url https://www.debian.org/security/2023/dsa-5358
reference_id dsa-5358
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://www.debian.org/security/2023/dsa-5358
14
reference_url https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj
reference_id GHSA-26j7-ww69-c4qj
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://github.com/pjsip/pjproject/security/advisories/GHSA-26j7-ww69-c4qj
15
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html
16
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
reference_id msg00038.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:49:22Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html
17
reference_url https://usn.ubuntu.com/6422-1/
reference_id USN-6422-1
reference_type
scores
url https://usn.ubuntu.com/6422-1/
fixed_packages
0
url pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/pjproject@2.13-r0?arch=aarch64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pjproject@2.13-r0%3Farch=aarch64&distroversion=v3.22&reponame=main
aliases CVE-2022-31031
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nt4b-2zg8-gya2
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/pjproject@2.13-r0%3Farch=aarch64&distroversion=v3.22&reponame=main