Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

Type deb

Namespace debian

Name kamailio

Version 5.6.3-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.0.5-1

Latest_non_vulnerable_version 6.1.3-2

Affected_by_vulnerabilities

url VCID-95vp-4dhn-x7gp

vulnerability_id VCID-95vp-4dhn-x7gp

summary Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data packet sent over TCP. The issue impacts Kamailio instances having TCP or TLS listeners. This vulnerability is fixed in 5.1.1, 6.0.6, and 5.8.8.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-39863

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14973
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-39863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39863

reference_url

https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f

reference_id

GHSA-2wj4-f825-2h2f

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-09T13:52:31Z/

url

https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f

fixed_packages

url	pkg:deb/debian/kamailio@6.1.1-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.1-2%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2026-39863

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95vp-4dhn-x7gp

url VCID-jsty-qq73-63a5

vulnerability_id VCID-jsty-qq73-63a5

summary Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet if a successful user authentication without a database backend is followed by additional user identity checks. This vulnerability is fixed in 6.0.5 and 5.8.7.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-39864

reference_id

reference_type

scores

value	0.00234
scoring_system	epss
scoring_elements	0.4651
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-39864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39864

reference_url

https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m

reference_id

GHSA-6m86-m342-g48m

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T20:19:26Z/

url

https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m

fixed_packages

url	pkg:deb/debian/kamailio@6.0.5-1?distro=trixie
purl	pkg:deb/debian/kamailio@6.0.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.5-1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2026-39864

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jsty-qq73-63a5

Fixing_vulnerabilities

url VCID-19fb-d8s5-97fn

vulnerability_id VCID-19fb-d8s5-97fn

summary The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27507

reference_id

reference_type

scores

value	0.00412
scoring_system	epss
scoring_elements	0.61893
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27507

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27507
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27507

reference_url

https://github.com/kamailio/kamailio/issues/2503

reference_id

2503

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T18:37:13Z/

url

https://github.com/kamailio/kamailio/issues/2503

reference_url

https://github.com/kamailio/kamailio/commit/ada3701d22b1fd579f06b4f54fa695fa988e685f

reference_id

ada3701d22b1fd579f06b4f54fa695fa988e685f

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T18:37:13Z/

url

https://github.com/kamailio/kamailio/commit/ada3701d22b1fd579f06b4f54fa695fa988e685f

reference_url

https://lists.debian.org/debian-lts-announce/2023/05/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T18:37:13Z/

url

https://lists.debian.org/debian-lts-announce/2023/05/msg00030.html

reference_url	https://usn.ubuntu.com/6022-1/
reference_id	USN-6022-1
reference_type
scores
url	https://usn.ubuntu.com/6022-1/

fixed_packages

url	pkg:deb/debian/kamailio@5.4.2-1?distro=trixie
purl	pkg:deb/debian/kamailio@5.4.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.2-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2020-27507

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19fb-d8s5-97fn

url VCID-7nr9-st2h-mfgh

vulnerability_id VCID-7nr9-st2h-mfgh

summary The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1591

reference_id

reference_type

scores

value	0.00062
scoring_system	epss
scoring_elements	0.19569
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1591

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1591
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1591

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775681
reference_id	775681
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775681

fixed_packages

url	pkg:deb/debian/kamailio@4.2.0-2?distro=trixie
purl	pkg:deb/debian/kamailio@4.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@4.2.0-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2015-1591

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nr9-st2h-mfgh

url VCID-7t6b-wcdm-rqfv

vulnerability_id VCID-7t6b-wcdm-rqfv

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16657

reference_id

reference_type

scores

value	0.00921
scoring_system	epss
scoring_elements	0.76429
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16657

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16657
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16657

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908324
reference_id	908324
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908324

reference_url	https://usn.ubuntu.com/6022-1/
reference_id	USN-6022-1
reference_type
scores
url	https://usn.ubuntu.com/6022-1/

fixed_packages

url	pkg:deb/debian/kamailio@5.1.4-1?distro=trixie
purl	pkg:deb/debian/kamailio@5.1.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.1.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2018-16657

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7t6b-wcdm-rqfv

url VCID-j23r-x47z-guhg

vulnerability_id VCID-j23r-x47z-guhg

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-8828

reference_id

reference_type

scores

value	0.00929
scoring_system	epss
scoring_elements	0.76552
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-8828

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8828
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8828

reference_url	https://usn.ubuntu.com/4240-1/
reference_id	USN-4240-1
reference_type
scores
url	https://usn.ubuntu.com/4240-1/

fixed_packages

url	pkg:deb/debian/kamailio@5.1.2-1?distro=trixie
purl	pkg:deb/debian/kamailio@5.1.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.1.2-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2018-8828

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j23r-x47z-guhg

url VCID-m5yx-h7zz-93gb

vulnerability_id VCID-m5yx-h7zz-93gb

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2385

reference_id

reference_type

scores

value	0.20973
scoring_system	epss
scoring_elements	0.95772
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2385

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815178
reference_id	815178
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815178

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39638.txt
reference_id	CVE-2016-2385
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39638.txt

reference_url	https://usn.ubuntu.com/7416-1/
reference_id	USN-7416-1
reference_type
scores
url	https://usn.ubuntu.com/7416-1/

fixed_packages

url	pkg:deb/debian/kamailio@4.3.4-2?distro=trixie
purl	pkg:deb/debian/kamailio@4.3.4-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@4.3.4-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2016-2385

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5yx-h7zz-93gb

url VCID-naj2-6gy6-bfb5

vulnerability_id VCID-naj2-6gy6-bfb5

summary Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops module. Particular use of remove_hf in Sippy Softswitch may allow skilled attacker having a valid credential in the system to disrupt internal call start/duration accounting mechanisms leading potentially to a loss of revenue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-28361

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.34499
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-28361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28361

reference_url	https://usn.ubuntu.com/7416-1/
reference_id	USN-7416-1
reference_type
scores
url	https://usn.ubuntu.com/7416-1/

fixed_packages

url	pkg:deb/debian/kamailio@5.4.0-1?distro=trixie
purl	pkg:deb/debian/kamailio@5.4.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.0-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2020-28361

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-naj2-6gy6-bfb5

url VCID-szjx-339s-qyb1

vulnerability_id VCID-szjx-339s-qyb1

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14767

reference_id

reference_type

scores

value	0.02018
scoring_system	epss
scoring_elements	0.84122
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14767

reference_url	https://usn.ubuntu.com/7416-1/
reference_id	USN-7416-1
reference_type
scores
url	https://usn.ubuntu.com/7416-1/

fixed_packages

url	pkg:deb/debian/kamailio@5.1.4-1?distro=trixie
purl	pkg:deb/debian/kamailio@5.1.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.1.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2018-14767

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-szjx-339s-qyb1

url VCID-vh68-urd8-rkg5

vulnerability_id VCID-vh68-urd8-rkg5

summary The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1590

reference_id

reference_type

scores

value	0.00085
scoring_system	epss
scoring_elements	0.24708
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1590

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1590
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1590

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775681
reference_id	775681
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775681

fixed_packages

url	pkg:deb/debian/kamailio@4.2.0-2?distro=trixie
purl	pkg:deb/debian/kamailio@4.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@4.2.0-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2015-1590

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vh68-urd8-rkg5

url VCID-zatw-nd9a-4qab

vulnerability_id VCID-zatw-nd9a-4qab

summary Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7426

reference_id

reference_type

scores

value	0.014
scoring_system	epss
scoring_elements	0.80843
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7426

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712083
reference_id	712083
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712083

fixed_packages

url	pkg:deb/debian/kamailio@4.0.2-1?distro=trixie
purl	pkg:deb/debian/kamailio@4.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@4.0.2-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

purl pkg:deb/debian/kamailio@5.4.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.4.4-1%3Fdistro=trixie

url pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

purl pkg:deb/debian/kamailio@5.6.3-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

url pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/kamailio@6.0.1-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-95vp-4dhn-x7gp

vulnerability	VCID-jsty-qq73-63a5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.0.1-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
purl	pkg:deb/debian/kamailio@6.1.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@6.1.3-2%3Fdistro=trixie

aliases CVE-2013-7426

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zatw-nd9a-4qab

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/kamailio@5.6.3-2%3Fdistro=trixie

Package Instance