Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/net-libs/sofia-sip@1.13.8
Typeebuild
Namespacenet-libs
Namesofia-sip
Version1.13.8
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.13.16
Latest_non_vulnerable_version1.13.16
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5w26-5asv-uban
vulnerability_id VCID-5w26-5asv-uban
summary Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31002
reference_id
reference_type
scores
0
value 0.01086
scoring_system epss
scoring_elements 0.78316
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31002
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
reference_id 1016974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
7
reference_url https://security.gentoo.org/glsa/202210-18
reference_id 202210-18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:11Z/
url https://security.gentoo.org/glsa/202210-18
8
reference_url https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
reference_id 51841eb53679434a386fb2dcbca925dcc48d58ba
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:11Z/
url https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
9
reference_url https://www.debian.org/security/2023/dsa-5410
reference_id dsa-5410
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:11Z/
url https://www.debian.org/security/2023/dsa-5410
10
reference_url https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
reference_id GHSA-g3x6-p824-x6hm
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:11Z/
url https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
11
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:11Z/
url https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
12
reference_url https://usn.ubuntu.com/5932-1/
reference_id USN-5932-1
reference_type
scores
url https://usn.ubuntu.com/5932-1/
fixed_packages
0
url pkg:ebuild/net-libs/sofia-sip@1.13.8
purl pkg:ebuild/net-libs/sofia-sip@1.13.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/sofia-sip@1.13.8
aliases CVE-2022-31002
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5w26-5asv-uban
1
url VCID-b44u-17cc-6fag
vulnerability_id VCID-b44u-17cc-6fag
summary Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31003
reference_id
reference_type
scores
0
value 0.1379
scoring_system epss
scoring_elements 0.94449
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31003
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
reference_id 1016974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
7
reference_url https://security.gentoo.org/glsa/202210-18
reference_id 202210-18
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:07Z/
url https://security.gentoo.org/glsa/202210-18
8
reference_url https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9
reference_id 907f2ac0ee504c93ebfefd676b4632a3575908c9
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:07Z/
url https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9
9
reference_url https://www.debian.org/security/2023/dsa-5410
reference_id dsa-5410
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:07Z/
url https://www.debian.org/security/2023/dsa-5410
10
reference_url https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp
reference_id GHSA-8w5j-6g2j-pxcp
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:07Z/
url https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp
11
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:41:07Z/
url https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
12
reference_url https://usn.ubuntu.com/5932-1/
reference_id USN-5932-1
reference_type
scores
url https://usn.ubuntu.com/5932-1/
fixed_packages
0
url pkg:ebuild/net-libs/sofia-sip@1.13.8
purl pkg:ebuild/net-libs/sofia-sip@1.13.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/sofia-sip@1.13.8
aliases CVE-2022-31003
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b44u-17cc-6fag
2
url VCID-pb14-3gt4-6uc6
vulnerability_id VCID-pb14-3gt4-6uc6
summary Multiple vulnerabilities have been discovered in Sofia-SIP, the worst of which could result in remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31001
reference_id
reference_type
scores
0
value 0.01037
scoring_system epss
scoring_elements 0.77821
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31001
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22741
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
reference_id 1016974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974
7
reference_url https://usn.ubuntu.com/5932-1/
reference_id USN-5932-1
reference_type
scores
url https://usn.ubuntu.com/5932-1/
fixed_packages
0
url pkg:ebuild/net-libs/sofia-sip@1.13.8
purl pkg:ebuild/net-libs/sofia-sip@1.13.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/sofia-sip@1.13.8
aliases CVE-2022-31001
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pb14-3gt4-6uc6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/sofia-sip@1.13.8