Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
Typeapk
Namespacealpine
Nameasterisk
Version15.6.2-r0
Qualifiers
arch ppc64le
distroversion v3.8
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-917e-7kp2-y3hw
vulnerability_id VCID-917e-7kp2-y3hw
summary res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
references
0
reference_url http://downloads.asterisk.org/pub/security/AST-2019-004.html
reference_id
reference_type
scores
url http://downloads.asterisk.org/pub/security/AST-2019-004.html
1
reference_url http://packetstormsecurity.com/files/154371/Asterisk-Project-Security-Advisory-AST-2019-004.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/154371/Asterisk-Project-Security-Advisory-AST-2019-004.html
2
reference_url http://packetstormsecurity.com/files/161671/Asterisk-Project-Security-Advisory-AST-2021-006.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/161671/Asterisk-Project-Security-Advisory-AST-2021-006.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15297
reference_id
reference_type
scores
0
value 0.01814
scoring_system epss
scoring_elements 0.82843
published_at 2026-04-13T12:55:00Z
1
value 0.01814
scoring_system epss
scoring_elements 0.82847
published_at 2026-04-12T12:55:00Z
2
value 0.01814
scoring_system epss
scoring_elements 0.82779
published_at 2026-04-01T12:55:00Z
3
value 0.01814
scoring_system epss
scoring_elements 0.82795
published_at 2026-04-02T12:55:00Z
4
value 0.01814
scoring_system epss
scoring_elements 0.82809
published_at 2026-04-04T12:55:00Z
5
value 0.01814
scoring_system epss
scoring_elements 0.82804
published_at 2026-04-07T12:55:00Z
6
value 0.01814
scoring_system epss
scoring_elements 0.8283
published_at 2026-04-08T12:55:00Z
7
value 0.01814
scoring_system epss
scoring_elements 0.82836
published_at 2026-04-09T12:55:00Z
8
value 0.01814
scoring_system epss
scoring_elements 0.82852
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15297
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15297
5
reference_url http://seclists.org/fulldisclosure/2021/Mar/5
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Mar/5
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060
reference_id 940060
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940060
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-15297
reference_id CVE-2019-15297
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-15297
fixed_packages
0
url pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
purl pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main
aliases CVE-2019-15297
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-917e-7kp2-y3hw
1
url VCID-qksp-5hqu-7qad
vulnerability_id VCID-qksp-5hqu-7qad
summary An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-7251
reference_id
reference_type
scores
0
value 0.04411
scoring_system epss
scoring_elements 0.89019
published_at 2026-04-13T12:55:00Z
1
value 0.04411
scoring_system epss
scoring_elements 0.89022
published_at 2026-04-12T12:55:00Z
2
value 0.04411
scoring_system epss
scoring_elements 0.88965
published_at 2026-04-01T12:55:00Z
3
value 0.04411
scoring_system epss
scoring_elements 0.88973
published_at 2026-04-02T12:55:00Z
4
value 0.04411
scoring_system epss
scoring_elements 0.88989
published_at 2026-04-04T12:55:00Z
5
value 0.04411
scoring_system epss
scoring_elements 0.88992
published_at 2026-04-07T12:55:00Z
6
value 0.04411
scoring_system epss
scoring_elements 0.8901
published_at 2026-04-08T12:55:00Z
7
value 0.04411
scoring_system epss
scoring_elements 0.89015
published_at 2026-04-09T12:55:00Z
8
value 0.04411
scoring_system epss
scoring_elements 0.89026
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-7251
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7251
2
reference_url https://downloads.asterisk.org/pub/security/AST-2019-001.html
reference_id
reference_type
scores
url https://downloads.asterisk.org/pub/security/AST-2019-001.html
3
reference_url https://issues.asterisk.org/jira/browse/ASTERISK-28260
reference_id
reference_type
scores
url https://issues.asterisk.org/jira/browse/ASTERISK-28260
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690
reference_id 923690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923690
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-7251
reference_id CVE-2019-7251
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-7251
fixed_packages
0
url pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
purl pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main
aliases CVE-2019-7251
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qksp-5hqu-7qad
2
url VCID-x2gp-mft6-1yhy
vulnerability_id VCID-x2gp-mft6-1yhy
summary An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13161
reference_id
reference_type
scores
0
value 0.02171
scoring_system epss
scoring_elements 0.84257
published_at 2026-04-01T12:55:00Z
1
value 0.02171
scoring_system epss
scoring_elements 0.84269
published_at 2026-04-02T12:55:00Z
2
value 0.02171
scoring_system epss
scoring_elements 0.84287
published_at 2026-04-04T12:55:00Z
3
value 0.02171
scoring_system epss
scoring_elements 0.84289
published_at 2026-04-07T12:55:00Z
4
value 0.02171
scoring_system epss
scoring_elements 0.8431
published_at 2026-04-08T12:55:00Z
5
value 0.02171
scoring_system epss
scoring_elements 0.84315
published_at 2026-04-09T12:55:00Z
6
value 0.02171
scoring_system epss
scoring_elements 0.84334
published_at 2026-04-11T12:55:00Z
7
value 0.02171
scoring_system epss
scoring_elements 0.84326
published_at 2026-04-12T12:55:00Z
8
value 0.02171
scoring_system epss
scoring_elements 0.84323
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13161
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13161
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981
reference_id 931981
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931981
fixed_packages
0
url pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
purl pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main
aliases CVE-2019-13161
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2gp-mft6-1yhy
3
url VCID-xbe4-uvqu-6kf7
vulnerability_id VCID-xbe4-uvqu-6kf7
summary Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12827
reference_id
reference_type
scores
0
value 0.1959
scoring_system epss
scoring_elements 0.95377
published_at 2026-04-01T12:55:00Z
1
value 0.1959
scoring_system epss
scoring_elements 0.95386
published_at 2026-04-02T12:55:00Z
2
value 0.1959
scoring_system epss
scoring_elements 0.95392
published_at 2026-04-04T12:55:00Z
3
value 0.1959
scoring_system epss
scoring_elements 0.95397
published_at 2026-04-07T12:55:00Z
4
value 0.1959
scoring_system epss
scoring_elements 0.95404
published_at 2026-04-08T12:55:00Z
5
value 0.1959
scoring_system epss
scoring_elements 0.95406
published_at 2026-04-09T12:55:00Z
6
value 0.1959
scoring_system epss
scoring_elements 0.95411
published_at 2026-04-12T12:55:00Z
7
value 0.1959
scoring_system epss
scoring_elements 0.95413
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12827
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12827
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980
reference_id 931980
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931980
fixed_packages
0
url pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
purl pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main
aliases CVE-2019-12827
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbe4-uvqu-6kf7
4
url VCID-xcpx-unz5-gqbp
vulnerability_id VCID-xcpx-unz5-gqbp
summary Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19278
reference_id
reference_type
scores
0
value 0.03349
scoring_system epss
scoring_elements 0.87266
published_at 2026-04-01T12:55:00Z
1
value 0.03349
scoring_system epss
scoring_elements 0.87276
published_at 2026-04-02T12:55:00Z
2
value 0.03349
scoring_system epss
scoring_elements 0.87292
published_at 2026-04-04T12:55:00Z
3
value 0.03349
scoring_system epss
scoring_elements 0.8729
published_at 2026-04-07T12:55:00Z
4
value 0.03349
scoring_system epss
scoring_elements 0.87309
published_at 2026-04-08T12:55:00Z
5
value 0.03349
scoring_system epss
scoring_elements 0.87317
published_at 2026-04-09T12:55:00Z
6
value 0.03349
scoring_system epss
scoring_elements 0.87329
published_at 2026-04-11T12:55:00Z
7
value 0.03349
scoring_system epss
scoring_elements 0.87323
published_at 2026-04-12T12:55:00Z
8
value 0.03349
scoring_system epss
scoring_elements 0.87319
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19278
fixed_packages
0
url pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
purl pkg:apk/alpine/asterisk@15.6.2-r0?arch=ppc64le&distroversion=v3.8&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main
aliases CVE-2018-19278
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcpx-unz5-gqbp
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/asterisk@15.6.2-r0%3Farch=ppc64le&distroversion=v3.8&reponame=main