Package Instance

reference_id

AVG-586

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json

reference_url	https://access.redhat.com/errata/RHSA-2018:3071
reference_id	RHSA-2018:3071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3071

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2018-5729

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2r88-c5e9-vffv

url VCID-3362-hawt-17ek

vulnerability_id VCID-3362-hawt-17ek

summary krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-3576

reference_id

reference_type

scores

value	0.00232
scoring_system	epss
scoring_elements	0.461
published_at	2026-04-18T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46069
published_at	2026-04-11T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46041
published_at	2026-04-12T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46049
published_at	2026-04-13T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46104
published_at	2026-04-16T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46024
published_at	2026-04-02T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46044
published_at	2026-04-04T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.45992
published_at	2026-04-07T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46048
published_at	2026-04-08T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46046
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-3576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525
reference_id	1103525
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2359465

reference_id

2359465

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2359465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
reference_id	cpe:/a:redhat:discovery:2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-3576

reference_id

CVE-2025-3576

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/security/cve/CVE-2025-3576

reference_url

https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html

reference_id

krb5-1.22.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html

reference_url

https://access.redhat.com/errata/RHSA-2025:11487

reference_id

RHSA-2025:11487

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:11487

reference_url

https://access.redhat.com/errata/RHSA-2025:13664

reference_id

RHSA-2025:13664

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:13664

reference_url

https://access.redhat.com/errata/RHSA-2025:13777

reference_id

RHSA-2025:13777

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:13777

reference_url

https://access.redhat.com/errata/RHSA-2025:15000

reference_id

RHSA-2025:15000

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:15000

reference_url

https://access.redhat.com/errata/RHSA-2025:15001

reference_id

RHSA-2025:15001

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:15001

reference_url

https://access.redhat.com/errata/RHSA-2025:15002

reference_id

RHSA-2025:15002

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:15002

reference_url

https://access.redhat.com/errata/RHSA-2025:15003

reference_id

RHSA-2025:15003

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:15003

reference_url

https://access.redhat.com/errata/RHSA-2025:15004

reference_id

RHSA-2025:15004

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:15004

reference_url

https://access.redhat.com/errata/RHSA-2025:8411

reference_id

RHSA-2025:8411

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:8411

reference_url

https://access.redhat.com/errata/RHSA-2025:9418

reference_id

RHSA-2025:9418

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:9418

reference_url

https://access.redhat.com/errata/RHSA-2025:9430

reference_id

RHSA-2025:9430

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/

url

https://access.redhat.com/errata/RHSA-2025:9430

reference_url	https://usn.ubuntu.com/7542-1/
reference_id	USN-7542-1
reference_type
scores
url	https://usn.ubuntu.com/7542-1/

fixed_packages

url	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4

aliases CVE-2025-3576

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3362-hawt-17ek

url VCID-3du2-evy8-jfa1

vulnerability_id VCID-3du2-evy8-jfa1

summary Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42898

reference_id

reference_type

scores

value	0.08889
scoring_system	epss
scoring_elements	0.92575
published_at	2026-04-18T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92532
published_at	2026-04-02T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.9254
published_at	2026-04-04T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92542
published_at	2026-04-07T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92553
published_at	2026-04-08T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92558
published_at	2026-04-09T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92564
published_at	2026-04-13T12:55:00Z

value	0.08889
scoring_system	epss
scoring_elements	0.92565
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id	1024187
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267
reference_id	1024267
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2140960
reference_id	2140960
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2140960

reference_url

https://web.mit.edu/kerberos/advisories/

reference_id

advisories

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://web.mit.edu/kerberos/advisories/

reference_url

https://security.archlinux.org/AVG-2828

reference_id

AVG-2828

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2828

reference_url

https://www.samba.org/samba/security/CVE-2022-42898.html

reference_id

CVE-2022-42898.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://www.samba.org/samba/security/CVE-2022-42898.html

reference_url

https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583

reference_id

ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583

reference_url

https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c

reference_id

GHSA-64mq-fvfj-5x3c

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c

reference_url

https://security.gentoo.org/glsa/202309-06

reference_id

GLSA-202309-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://security.gentoo.org/glsa/202309-06

reference_url

https://security.gentoo.org/glsa/202310-06

reference_id

GLSA-202310-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://security.gentoo.org/glsa/202310-06

reference_url	https://security.gentoo.org/glsa/202405-11
reference_id	GLSA-202405-11
reference_type
scores
url	https://security.gentoo.org/glsa/202405-11

reference_url

https://web.mit.edu/kerberos/krb5-1.19/

reference_id

krb5-1.19

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://web.mit.edu/kerberos/krb5-1.19/

reference_url

https://security.netapp.com/advisory/ntap-20230216-0008/

reference_id

ntap-20230216-0008

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://security.netapp.com/advisory/ntap-20230216-0008/

reference_url

https://security.netapp.com/advisory/ntap-20230223-0001/

reference_id

ntap-20230223-0001

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://security.netapp.com/advisory/ntap-20230223-0001/

reference_url

https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt

reference_id

README-1.20.1.txt

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt

reference_url	https://access.redhat.com/errata/RHSA-2022:8637
reference_id	RHSA-2022:8637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8637

reference_url	https://access.redhat.com/errata/RHSA-2022:8638
reference_id	RHSA-2022:8638
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8638

reference_url	https://access.redhat.com/errata/RHSA-2022:8639
reference_id	RHSA-2022:8639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8639

reference_url	https://access.redhat.com/errata/RHSA-2022:8640
reference_id	RHSA-2022:8640
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8640

reference_url	https://access.redhat.com/errata/RHSA-2022:8641
reference_id	RHSA-2022:8641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8641

reference_url	https://access.redhat.com/errata/RHSA-2022:8648
reference_id	RHSA-2022:8648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8648

reference_url	https://access.redhat.com/errata/RHSA-2022:8662
reference_id	RHSA-2022:8662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8662

reference_url	https://access.redhat.com/errata/RHSA-2022:8663
reference_id	RHSA-2022:8663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8663

reference_url	https://access.redhat.com/errata/RHSA-2022:8669
reference_id	RHSA-2022:8669
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8669

reference_url	https://access.redhat.com/errata/RHSA-2022:9029
reference_id	RHSA-2022:9029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9029

reference_url

https://bugzilla.samba.org/show_bug.cgi?id=15203

reference_id

show_bug.cgi?id=15203

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/

url

https://bugzilla.samba.org/show_bug.cgi?id=15203

reference_url	https://usn.ubuntu.com/5800-1/
reference_id	USN-5800-1
reference_type
scores
url	https://usn.ubuntu.com/5800-1/

reference_url	https://usn.ubuntu.com/5822-1/
reference_id	USN-5822-1
reference_type
scores
url	https://usn.ubuntu.com/5822-1/

reference_url	https://usn.ubuntu.com/5828-1/
reference_id	USN-5828-1
reference_type
scores
url	https://usn.ubuntu.com/5828-1/

reference_url	https://usn.ubuntu.com/5936-1/
reference_id	USN-5936-1
reference_type
scores
url	https://usn.ubuntu.com/5936-1/

reference_url	https://usn.ubuntu.com/7582-1/
reference_id	USN-7582-1
reference_type
scores
url	https://usn.ubuntu.com/7582-1/

fixed_packages

url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-khdw-3p5j-vya6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5

aliases CVE-2022-42898

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3du2-evy8-jfa1

url VCID-8yk4-du7p-eue4

vulnerability_id VCID-8yk4-du7p-eue4

summary Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-36222

reference_id

reference_type

scores

value	0.06615
scoring_system	epss
scoring_elements	0.91206
published_at	2026-04-18T12:55:00Z

value	0.06615
scoring_system	epss
scoring_elements	0.91183
published_at	2026-04-12T12:55:00Z

value	0.06615
scoring_system	epss
scoring_elements	0.91182
published_at	2026-04-13T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92692
published_at	2026-04-02T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92698
published_at	2026-04-04T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92696
published_at	2026-04-07T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92706
published_at	2026-04-08T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92711
published_at	2026-04-09T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92716
published_at	2026-04-11T12:55:00Z

value	0.09227
scoring_system	epss
scoring_elements	0.92684
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-36222

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1983720
reference_id	1983720
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1983720

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365
reference_id	991365
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365

reference_url

https://security.archlinux.org/AVG-2173

reference_id

AVG-2173

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2173

reference_url	https://security.gentoo.org/glsa/202405-11
reference_id	GLSA-202405-11
reference_type
scores
url	https://security.gentoo.org/glsa/202405-11

reference_url	https://access.redhat.com/errata/RHSA-2021:3576
reference_id	RHSA-2021:3576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3576

reference_url	https://usn.ubuntu.com/5959-1/
reference_id	USN-5959-1
reference_type
scores
url	https://usn.ubuntu.com/5959-1/

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-khdw-3p5j-vya6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5

aliases CVE-2021-36222

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yk4-du7p-eue4

url VCID-97k8-xbsv-87da

vulnerability_id VCID-97k8-xbsv-87da

summary krb5: GSS message token handling

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-37371

reference_id

reference_type

scores

value	0.02606
scoring_system	epss
scoring_elements	0.85656
published_at	2026-04-18T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.8561
published_at	2026-04-08T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85621
published_at	2026-04-09T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85635
published_at	2026-04-11T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85632
published_at	2026-04-12T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85628
published_at	2026-04-13T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85651
published_at	2026-04-16T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85568
published_at	2026-04-02T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.85586
published_at	2026-04-04T12:55:00Z

value	0.02606
scoring_system	epss
scoring_elements	0.8559
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-37371

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2294676
reference_id	2294676
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2294676

reference_url

https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_id

55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/

url

https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_url

reference_id

advisories

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/

url

reference_url

reference_id

AVG-2856

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json

reference_url	https://access.redhat.com/errata/RHSA-2024:10135
reference_id	RHSA-2024:10135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10135

reference_url	https://access.redhat.com/errata/RHSA-2024:11109
reference_id	RHSA-2024:11109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11109

reference_url	https://access.redhat.com/errata/RHSA-2024:4734
reference_id	RHSA-2024:4734
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4734

reference_url	https://access.redhat.com/errata/RHSA-2024:4743
reference_id	RHSA-2024:4743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4743

reference_url	https://access.redhat.com/errata/RHSA-2024:5076
reference_id	RHSA-2024:5076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5076

reference_url	https://access.redhat.com/errata/RHSA-2024:5312
reference_id	RHSA-2024:5312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5312

reference_url	https://access.redhat.com/errata/RHSA-2024:5316
reference_id	RHSA-2024:5316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5316

reference_url	https://access.redhat.com/errata/RHSA-2024:5625
reference_id	RHSA-2024:5625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5625

reference_url	https://access.redhat.com/errata/RHSA-2024:5630
reference_id	RHSA-2024:5630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5630

reference_url	https://access.redhat.com/errata/RHSA-2024:5643
reference_id	RHSA-2024:5643
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5643

reference_url	https://access.redhat.com/errata/RHSA-2024:5884
reference_id	RHSA-2024:5884
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5884

reference_url	https://access.redhat.com/errata/RHSA-2024:6166
reference_id	RHSA-2024:6166
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6166

reference_url	https://access.redhat.com/errata/RHSA-2024:7213
reference_id	RHSA-2024:7213
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7213

reference_url	https://access.redhat.com/errata/RHSA-2024:7374
reference_id	RHSA-2024:7374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7374

reference_url	https://access.redhat.com/errata/RHSA-2025:1671
reference_id	RHSA-2025:1671
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1671

reference_url	https://access.redhat.com/errata/RHSA-2025:1673
reference_id	RHSA-2025:1673
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1673

reference_url	https://usn.ubuntu.com/6947-1/
reference_id	USN-6947-1
reference_type
scores
url	https://usn.ubuntu.com/6947-1/

fixed_packages

url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-khdw-3p5j-vya6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5

aliases CVE-2024-37371

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97k8-xbsv-87da

url VCID-985p-gnv3-mfd8

vulnerability_id VCID-985p-gnv3-mfd8

summary krb5: DN container check bypass by supplying special crafted data

references

reference_url

reference_id

reference_type

scores

value	3.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5730

reference_id

reference_type

scores

value	0.00425
scoring_system	epss
scoring_elements	0.62087
published_at	2026-04-01T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62253
published_at	2026-04-18T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62201
published_at	2026-04-13T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62245
published_at	2026-04-16T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62148
published_at	2026-04-02T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62179
published_at	2026-04-04T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62147
published_at	2026-04-07T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62197
published_at	2026-04-08T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62214
published_at	2026-04-09T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62232
published_at	2026-04-11T12:55:00Z

value	0.00425
scoring_system	epss
scoring_elements	0.62222
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1551082
reference_id	1551082
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1551082

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
reference_id	891869
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869

reference_url	https://security.archlinux.org/ASA-201806-3
reference_id	ASA-201806-3
reference_type
scores
url	https://security.archlinux.org/ASA-201806-3

reference_url

reference_id

AVG-586

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json

reference_url	https://access.redhat.com/errata/RHSA-2018:3071
reference_id	RHSA-2018:3071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3071

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2018-5730

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-985p-gnv3-mfd8

url VCID-9hyk-mdvc-1baq

vulnerability_id VCID-9hyk-mdvc-1baq

summary krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11368

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.71555
published_at	2026-04-01T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71641
published_at	2026-04-18T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71625
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.7161
published_at	2026-04-12T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71591
published_at	2026-04-13T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71636
published_at	2026-04-16T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71561
published_at	2026-04-02T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71578
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71551
published_at	2026-04-07T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71592
published_at	2026-04-08T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71602
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1473560
reference_id	1473560
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1473560

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260
reference_id	869260
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260

reference_url	https://security.archlinux.org/ASA-201710-8
reference_id	ASA-201710-8
reference_type
scores
url	https://security.archlinux.org/ASA-201710-8

reference_url

reference_id

AVG-414

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-436

reference_url

reference_id

AVG-436

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-436

reference_url	https://access.redhat.com/errata/RHSA-2018:0666
reference_id	RHSA-2018:0666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0666

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2017-11368

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hyk-mdvc-1baq

url VCID-bwpn-qxzd-43g8

vulnerability_id VCID-bwpn-qxzd-43g8

summary Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-36054

reference_id

reference_type

scores

value	0.01116
scoring_system	epss
scoring_elements	0.78146
published_at	2026-04-02T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78226
published_at	2026-04-18T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78158
published_at	2026-04-07T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78185
published_at	2026-04-08T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78191
published_at	2026-04-09T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78217
published_at	2026-04-11T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78199
published_at	2026-04-12T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78196
published_at	2026-04-13T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78227
published_at	2026-04-16T12:55:00Z

value	0.01116
scoring_system	epss
scoring_elements	0.78176
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-36054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431
reference_id	1043431
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2230178
reference_id	2230178
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2230178

reference_url

reference_id

advisories

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd

reference_url

reference_id

ef08b09c9459551aabbe7924fb176f1583053cdd

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd

reference_url	https://security.gentoo.org/glsa/202405-11
reference_id	GLSA-202405-11
reference_type
scores
url	https://security.gentoo.org/glsa/202405-11

reference_url

https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final

reference_id

krb5-1.20.1-final...krb5-1.20.2-final

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final

reference_url

https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final

reference_id

krb5-1.21-final...krb5-1.21.1-final

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html

reference_id

msg00031.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html

reference_url

https://security.netapp.com/advisory/ntap-20230908-0004/

reference_id

ntap-20230908-0004

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/

url

https://security.netapp.com/advisory/ntap-20230908-0004/

reference_url	https://access.redhat.com/errata/RHSA-2023:6699
reference_id	RHSA-2023:6699
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6699

reference_url	https://usn.ubuntu.com/6467-1/
reference_id	USN-6467-1
reference_type
scores
url	https://usn.ubuntu.com/6467-1/

reference_url	https://usn.ubuntu.com/6467-2/
reference_id	USN-6467-2
reference_type
scores
url	https://usn.ubuntu.com/6467-2/

fixed_packages

url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-khdw-3p5j-vya6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5

aliases CVE-2023-36054

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwpn-qxzd-43g8

url VCID-fd9s-vn5s-gud6

vulnerability_id VCID-fd9s-vn5s-gud6

summary krb5: Reachable assertion in the KDC using S4U2Self requests

references

reference_url	http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763
reference_id
reference_type
scores
url	http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20217

reference_id

reference_type

scores

value	0.02377
scoring_system	epss
scoring_elements	0.85007
published_at	2026-04-18T12:55:00Z

value	0.02377
scoring_system	epss
scoring_elements	0.84984
published_at	2026-04-13T12:55:00Z

value	0.02377
scoring_system	epss
scoring_elements	0.85005
published_at	2026-04-16T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85723
published_at	2026-04-01T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85735
published_at	2026-04-02T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85754
published_at	2026-04-04T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.8576
published_at	2026-04-07T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85779
published_at	2026-04-08T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.8579
published_at	2026-04-09T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85805
published_at	2026-04-11T12:55:00Z

value	0.02665
scoring_system	epss
scoring_elements	0.85801
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086
reference_id
reference_type
scores
url	https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/

reference_url	https://security.netapp.com/advisory/ntap-20190416-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190416-0006/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665296
reference_id	1665296
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665296

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387
reference_id	917387
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos::::::::
reference_id	cpe:2.3:a:mit:kerberos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20217

reference_id

CVE-2018-20217

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20217

reference_url	https://usn.ubuntu.com/5828-1/
reference_id	USN-5828-1
reference_type
scores
url	https://usn.ubuntu.com/5828-1/

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2018-20217

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fd9s-vn5s-gud6

url VCID-h9q8-x3n3-6qdn

vulnerability_id VCID-h9q8-x3n3-6qdn

summary

A vulnerability in MIT Kerberos 5 could lead to a Denial of Service
    condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-28196

reference_id

reference_type

scores

value	0.01293
scoring_system	epss
scoring_elements	0.79702
published_at	2026-04-18T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79701
published_at	2026-04-16T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79624
published_at	2026-04-01T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79696
published_at	2026-04-11T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79675
published_at	2026-04-09T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79631
published_at	2026-04-02T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79653
published_at	2026-04-04T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79639
published_at	2026-04-07T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79668
published_at	2026-04-08T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.79673
published_at	2026-04-13T12:55:00Z

value	0.01293
scoring_system	epss
scoring_elements	0.7968
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-28196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1901041
reference_id	1901041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1901041

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/

reference_id

45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/

reference_url

https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd

reference_id

57415dda6cf04e73ffc3723be518eddfae599bfd

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/

reference_id

73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880
reference_id	973880
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880

reference_url

https://www.debian.org/security/2020/dsa-4795

reference_id

dsa-4795

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://www.debian.org/security/2020/dsa-4795

reference_url

https://security.gentoo.org/glsa/202011-17

reference_id

GLSA-202011-17

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://security.gentoo.org/glsa/202011-17

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/

reference_id

KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/

reference_url

https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20201202-0001/

reference_id

ntap-20201202-0001

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/

url

https://security.netapp.com/advisory/ntap-20201202-0001/

reference_url	https://access.redhat.com/errata/RHSA-2021:1593
reference_id	RHSA-2021:1593
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1593

reference_url	https://access.redhat.com/errata/RHSA-2021:2239
reference_id	RHSA-2021:2239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2239

reference_url	https://usn.ubuntu.com/4635-1/
reference_id	USN-4635-1
reference_type
scores
url	https://usn.ubuntu.com/4635-1/

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-khdw-3p5j-vya6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5

aliases CVE-2020-28196

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h9q8-x3n3-6qdn

url VCID-khdw-3p5j-vya6

vulnerability_id VCID-khdw-3p5j-vya6

summary krb5: overflow when calculating ulog block size

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24528

reference_id

reference_type

scores

value	0.00206
scoring_system	epss
scoring_elements	0.42933
published_at	2026-04-02T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42978
published_at	2026-04-18T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42898
published_at	2026-04-07T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42948
published_at	2026-04-12T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42983
published_at	2026-04-11T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42931
published_at	2026-04-13T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.42991
published_at	2026-04-16T12:55:00Z

value	0.00206
scoring_system	epss
scoring_elements	0.4296
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24528

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730
reference_id	1094730
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2342796
reference_id	2342796
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2342796

reference_url

https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0

reference_id

78ceba024b64d49612375be4a12d1c066b0bfbd0

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/

url

https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0

reference_url

https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final

reference_id

krb5-1.21.3-final...krb5-1.22-final

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/

url

https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final

reference_url	https://access.redhat.com/errata/RHSA-2025:1352
reference_id	RHSA-2025:1352
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1352

reference_url	https://access.redhat.com/errata/RHSA-2025:2722
reference_id	RHSA-2025:2722
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2722

reference_url	https://access.redhat.com/errata/RHSA-2025:2789
reference_id	RHSA-2025:2789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2789

reference_url	https://access.redhat.com/errata/RHSA-2025:7067
reference_id	RHSA-2025:7067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7067

reference_url	https://access.redhat.com/errata/RHSA-2025:8385
reference_id	RHSA-2025:8385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8385

reference_url	https://usn.ubuntu.com/7314-1/
reference_id	USN-7314-1
reference_type
scores
url	https://usn.ubuntu.com/7314-1/

fixed_packages

url	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl	pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4

aliases CVE-2025-24528

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khdw-3p5j-vya6

url VCID-qcva-cb6c-wyds

vulnerability_id VCID-qcva-cb6c-wyds

summary krb5: Automatic sec context deletion could lead to double-free

references

reference_url	http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598
reference_id
reference_type
scores
url	http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11462

reference_id

reference_type

scores

value	0.01055
scoring_system	epss
scoring_elements	0.77528
published_at	2026-04-01T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77626
published_at	2026-04-18T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77571
published_at	2026-04-08T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.7758
published_at	2026-04-09T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77607
published_at	2026-04-11T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77591
published_at	2026-04-12T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.7759
published_at	2026-04-13T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77628
published_at	2026-04-16T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77533
published_at	2026-04-02T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77559
published_at	2026-04-04T12:55:00Z

value	0.01055
scoring_system	epss
scoring_elements	0.77541
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11462

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf
reference_id
reference_type
scores
url	https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1488873
reference_id	1488873
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1488873

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563
reference_id	873563
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563

reference_url	https://security.archlinux.org/ASA-201710-8
reference_id	ASA-201710-8
reference_type
scores
url	https://security.archlinux.org/ASA-201710-8

reference_url	https://security.archlinux.org/ASA-201710-9
reference_id	ASA-201710-9
reference_type
scores
url	https://security.archlinux.org/ASA-201710-9

reference_url

reference_id

AVG-414

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-415

reference_url

reference_id

AVG-415

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-415

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.14.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1::::::
reference_id	cpe:2.3:a:mit:kerberos_5:1.14:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1::::::
reference_id	cpe:2.3:a:mit:kerberos_5:1.14:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2::::::
reference_id	cpe:2.3:a:mit:kerberos_5:1.14:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:::::::*
reference_id	cpe:2.3:a:mit:kerberos_5:1.15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1::::::
reference_id	cpe:2.3:a:mit:kerberos_5:1.15.1:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2::::::
reference_id	cpe:2.3:a:mit:kerberos_5:1.15.1:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-11462

reference_id

CVE-2017-11462

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-11462

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2017-11462

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcva-cb6c-wyds

url VCID-r1wa-3gtw-1qey

vulnerability_id VCID-r1wa-3gtw-1qey

summary krb5: Buffer overflow in get_matching_data()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15088

reference_id

reference_type

scores

value	0.03704
scoring_system	epss
scoring_elements	0.87973
published_at	2026-04-18T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.8793
published_at	2026-04-07T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.8795
published_at	2026-04-08T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.87957
published_at	2026-04-09T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.87968
published_at	2026-04-11T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.8796
published_at	2026-04-12T12:55:00Z

value	0.03704
scoring_system	epss
scoring_elements	0.87959
published_at	2026-04-13T12:55:00Z

value	0.0399
scoring_system	epss
scoring_elements	0.88379
published_at	2026-04-04T12:55:00Z

value	0.0399
scoring_system	epss
scoring_elements	0.88356
published_at	2026-04-01T12:55:00Z

value	0.0399
scoring_system	epss
scoring_elements	0.88364
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15088

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698
reference_id
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4
reference_id
reference_type
scores
url	https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4

reference_url	https://github.com/krb5/krb5/pull/707
reference_id
reference_type
scores
url	https://github.com/krb5/krb5/pull/707

reference_url	http://www.securityfocus.com/bid/101594
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101594

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1504045
reference_id	1504045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1504045

reference_url

https://security.archlinux.org/AVG-505

reference_id

AVG-505

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-505

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5::::::::
reference_id	cpe:2.3:a:mit:kerberos_5::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15088

reference_id

CVE-2017-15088

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15088

fixed_packages

url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3362-hawt-17ek

vulnerability	VCID-3du2-evy8-jfa1

vulnerability	VCID-8yk4-du7p-eue4

vulnerability	VCID-97k8-xbsv-87da

vulnerability	VCID-bwpn-qxzd-43g8

vulnerability	VCID-h9q8-x3n3-6qdn

vulnerability	VCID-khdw-3p5j-vya6

vulnerability	VCID-w6yc-w573-vbhy

vulnerability	VCID-zw66-w86u-cuge

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4

aliases CVE-2017-15088

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1wa-3gtw-1qey

url VCID-w6yc-w573-vbhy

vulnerability_id VCID-w6yc-w573-vbhy

summary krb5: GSS message token handling

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-37370

reference_id

reference_type

scores

value	0.00545
scoring_system	epss
scoring_elements	0.67809
published_at	2026-04-16T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67732
published_at	2026-04-07T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67783
published_at	2026-04-08T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67797
published_at	2026-04-09T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67821
published_at	2026-04-18T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67807
published_at	2026-04-12T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67773
published_at	2026-04-13T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67731
published_at	2026-04-02T12:55:00Z

value	0.00545
scoring_system	epss
scoring_elements	0.67751
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-37370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2294677
reference_id	2294677
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2294677

reference_url

https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_id

55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/

url

https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef

reference_url

reference_id

advisories

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/

url

reference_url

reference_id

AVG-2856

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url