Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community

Type apk

Namespace alpine

Name ntpsec

Version 1.1.3-r0

Qualifiers

arch	aarch64
distroversion	v3.19
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.2.1-r0

Latest_non_vulnerable_version 1.2.2a-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-88fv-n2b1-63hp

vulnerability_id VCID-88fv-n2b1-63hp

summary An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6444

reference_id

reference_type

scores

value	0.11626
scoring_system	epss
scoring_elements	0.93789
published_at	2026-06-04T12:55:00Z

value	0.11626
scoring_system	epss
scoring_elements	0.93798
published_at	2026-06-06T12:55:00Z

value	0.11626
scoring_system	epss
scoring_elements	0.93797
published_at	2026-06-08T12:55:00Z

value	0.11626
scoring_system	epss
scoring_elements	0.93803
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6444

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513
reference_id	919513
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513

reference_url	https://dumpco.re/bugs/ntpsec-oobread2
reference_id	CVE-2019-6444
reference_type	exploit
scores
url	https://dumpco.re/bugs/ntpsec-oobread2

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46176.py
reference_id	CVE-2019-6444
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46176.py

fixed_packages

url	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

aliases CVE-2019-6444

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88fv-n2b1-63hp

url VCID-ee1h-ze96-5fbu

vulnerability_id VCID-ee1h-ze96-5fbu

summary An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6445

reference_id

reference_type

scores

value	0.16559
scoring_system	epss
scoring_elements	0.95033
published_at	2026-06-04T12:55:00Z

value	0.16559
scoring_system	epss
scoring_elements	0.95042
published_at	2026-06-05T12:55:00Z

value	0.16559
scoring_system	epss
scoring_elements	0.95043
published_at	2026-06-06T12:55:00Z

value	0.16559
scoring_system	epss
scoring_elements	0.95045
published_at	2026-06-08T12:55:00Z

value	0.16559
scoring_system	epss
scoring_elements	0.95049
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6445

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6445
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6445

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513
reference_id	919513
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513

reference_url	https://dumpco.re/bugs/ntpsec-authed-npe
reference_id	CVE-2019-6445
reference_type	exploit
scores
url	https://dumpco.re/bugs/ntpsec-authed-npe

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46177.py
reference_id	CVE-2019-6445
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46177.py

fixed_packages

url	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

aliases CVE-2019-6445

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ee1h-ze96-5fbu

url VCID-rchy-vjxq-u3ae

vulnerability_id VCID-rchy-vjxq-u3ae

summary An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6443

reference_id

reference_type

scores

value	0.47167
scoring_system	epss
scoring_elements	0.97741
published_at	2026-06-04T12:55:00Z

value	0.47167
scoring_system	epss
scoring_elements	0.97745
published_at	2026-06-05T12:55:00Z

value	0.47167
scoring_system	epss
scoring_elements	0.97746
published_at	2026-06-06T12:55:00Z

value	0.47167
scoring_system	epss
scoring_elements	0.97747
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513
reference_id	919513
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513

reference_url	https://dumpco.re/bugs/ntpsec-oobread1
reference_id	CVE-2019-6443
reference_type	exploit
scores
url	https://dumpco.re/bugs/ntpsec-oobread1

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46175.py
reference_id	CVE-2019-6443
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46175.py

fixed_packages

url	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

aliases CVE-2019-6443

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rchy-vjxq-u3ae

url VCID-wnbm-4gk2-dfgh

vulnerability_id VCID-wnbm-4gk2-dfgh

summary An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6442

reference_id

reference_type

scores

value	0.18025
scoring_system	epss
scoring_elements	0.95289
published_at	2026-06-04T12:55:00Z

value	0.18025
scoring_system	epss
scoring_elements	0.95296
published_at	2026-06-05T12:55:00Z

value	0.18025
scoring_system	epss
scoring_elements	0.95298
published_at	2026-06-06T12:55:00Z

value	0.18025
scoring_system	epss
scoring_elements	0.953
published_at	2026-06-07T12:55:00Z

value	0.18025
scoring_system	epss
scoring_elements	0.95301
published_at	2026-06-08T12:55:00Z

value	0.18025
scoring_system	epss
scoring_elements	0.95304
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6442

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6442
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6442

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513
reference_id	919513
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513

reference_url	https://dumpco.re/bugs/ntpsec-authed-oobwrite
reference_id	CVE-2019-6442
reference_type	exploit
scores
url	https://dumpco.re/bugs/ntpsec-authed-oobwrite

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46178.py
reference_id	CVE-2019-6442
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46178.py

fixed_packages

url	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

aliases CVE-2019-6442

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wnbm-4gk2-dfgh

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

Package Instance