{"url":"http://public2.vulnerablecode.io/api/packages/161942?format=json","purl":"pkg:apk/alpine/asterisk@15.6.2-r0?arch=x86&distroversion=v3.7&reponame=main","type":"apk","namespace":"alpine","name":"asterisk","version":"15.6.2-r0","qualifiers":{"arch":"x86","distroversion":"v3.7","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207383?format=json","vulnerability_id":"VCID-cx52-9j5c-bqbp","summary":"An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7251","reference_id":"","reference_type":"","scores":[{"value":"0.04411","scoring_system":"epss","scoring_elements":"0.89259","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690","reference_id":"923690","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/161942?format=json","purl":"pkg:apk/alpine/asterisk@15.6.2-r0?arch=x86&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=x86&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2019-7251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cx52-9j5c-bqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210710?format=json","vulnerability_id":"VCID-n5ax-suhv-ckb7","summary":"Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19278","reference_id":"","reference_type":"","scores":[{"value":"0.03169","scoring_system":"epss","scoring_elements":"0.87222","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/161942?format=json","purl":"pkg:apk/alpine/asterisk@15.6.2-r0?arch=x86&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=x86&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2018-19278"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5ax-suhv-ckb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206760?format=json","vulnerability_id":"VCID-x29s-dc4y-jyf5","summary":"Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12827","reference_id":"","reference_type":"","scores":[{"value":"0.18415","scoring_system":"epss","scoring_elements":"0.95384","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980","reference_id":"931980","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/161942?format=json","purl":"pkg:apk/alpine/asterisk@15.6.2-r0?arch=x86&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=x86&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2019-12827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x29s-dc4y-jyf5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=x86&distroversion=v3.7&reponame=main"}