Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1038269?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "type": "deb", "namespace": "debian", "name": "krb5", "version": "1.15-1+deb9u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.20.1-2+deb12u4", "latest_non_vulnerable_version": "1.20.1-2+deb12u4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83637?format=api", "vulnerability_id": "VCID-2r88-c5e9-vffv", "summary": "krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22798", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2266", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22862", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.23011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22803", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22948", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22911", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22869", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551083", "reference_id": "1551083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551083" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869", "reference_id": "891869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "reference_url": "https://security.archlinux.org/ASA-201806-3", "reference_id": "ASA-201806-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-3" }, { "reference_url": "https://security.archlinux.org/AVG-586", "reference_id": "AVG-586", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3071", "reference_id": "RHSA-2018:3071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3071" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5729" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2r88-c5e9-vffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70395?format=api", "vulnerability_id": "VCID-3362-hawt-17ek", "summary": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46024", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46104", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.461", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46045", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46011", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45992", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46046", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46041", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525", "reference_id": "1103525", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "reference_id": "2359465", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3576", "reference_id": "CVE-2025-3576", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3576" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "reference_id": "krb5-1.22.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11487", "reference_id": "RHSA-2025:11487", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13664", "reference_id": "RHSA-2025:13664", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13777", "reference_id": "RHSA-2025:13777", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15000", "reference_id": "RHSA-2025:15000", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15001", "reference_id": "RHSA-2025:15001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15002", "reference_id": "RHSA-2025:15002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15003", "reference_id": "RHSA-2025:15003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15004", "reference_id": "RHSA-2025:15004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8411", "reference_id": "RHSA-2025:8411", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9418", "reference_id": "RHSA-2025:9418", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9430", "reference_id": "RHSA-2025:9430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9430" }, { "reference_url": "https://usn.ubuntu.com/7542-1/", "reference_id": "USN-7542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053265?format=api", "purl": "pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-3576" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3362-hawt-17ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47300?format=api", "vulnerability_id": "VCID-3du2-evy8-jfa1", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.92249", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.92245", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.9254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92575", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92564", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92558", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92553", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92542", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187", "reference_id": "1024187", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267", "reference_id": "1024267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", "reference_id": "2140960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960" }, { "reference_url": "https://web.mit.edu/kerberos/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-42898.html", "reference_id": "CVE-2022-42898.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-42898.html" }, { "reference_url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_id": "ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583" }, { "reference_url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", "reference_id": "GHSA-64mq-fvfj-5x3c", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202310-06" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.19/", "reference_id": "krb5-1.19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.19/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0008/", "reference_id": "ntap-20230216-0008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230223-0001/", "reference_id": "ntap-20230223-0001", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230223-0001/" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", "reference_id": "README-1.20.1.txt", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8637", "reference_id": "RHSA-2022:8637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8638", "reference_id": "RHSA-2022:8638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8639", "reference_id": "RHSA-2022:8639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8640", "reference_id": "RHSA-2022:8640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8641", "reference_id": "RHSA-2022:8641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8641" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8648", "reference_id": "RHSA-2022:8648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8662", "reference_id": "RHSA-2022:8662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8663", "reference_id": "RHSA-2022:8663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8669", "reference_id": "RHSA-2022:8669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9029", "reference_id": "RHSA-2022:9029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9029" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=15203", "reference_id": "show_bug.cgi?id=15203", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=15203" }, { "reference_url": "https://usn.ubuntu.com/5800-1/", "reference_id": "USN-5800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5800-1/" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5828-1/", "reference_id": "USN-5828-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5828-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2022-42898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3du2-evy8-jfa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47298?format=api", "vulnerability_id": "VCID-8yk4-du7p-eue4", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91222", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91183", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91182", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91209", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92711", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92716", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92696", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983720", "reference_id": "1983720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983720" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365", "reference_id": "991365", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365" }, { "reference_url": "https://security.archlinux.org/AVG-2173", "reference_id": "AVG-2173", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2173" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3576", "reference_id": "RHSA-2021:3576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3576" }, { "reference_url": "https://usn.ubuntu.com/5959-1/", "reference_id": "USN-5959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2021-36222" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yk4-du7p-eue4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75052?format=api", "vulnerability_id": "VCID-97k8-xbsv-87da", "summary": "krb5: GSS message token handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85673", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85635", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85632", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85651", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85656", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.8559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.8561", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85621", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "reference_id": "2294676", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676" }, { "reference_url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_id": "55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/" } ], "url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2856", "reference_id": "AVG-2856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4734", "reference_id": "RHSA-2024:4734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4743", "reference_id": "RHSA-2024:4743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5076", "reference_id": "RHSA-2024:5076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5312", "reference_id": "RHSA-2024:5312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5316", "reference_id": "RHSA-2024:5316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5625", "reference_id": "RHSA-2024:5625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5630", "reference_id": "RHSA-2024:5630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5643", "reference_id": "RHSA-2024:5643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5884", "reference_id": "RHSA-2024:5884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6166", "reference_id": "RHSA-2024:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/6947-1/", "reference_id": "USN-6947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6947-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2024-37371" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97k8-xbsv-87da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83636?format=api", "vulnerability_id": "VCID-985p-gnv3-mfd8", "summary": "krb5: DN container check bypass by supplying special crafted data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62247", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62253", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62236", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62245", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082", "reference_id": "1551082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869", "reference_id": "891869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "reference_url": "https://security.archlinux.org/ASA-201806-3", "reference_id": "ASA-201806-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-3" }, { "reference_url": "https://security.archlinux.org/AVG-586", "reference_id": "AVG-586", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3071", "reference_id": "RHSA-2018:3071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3071" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5730" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-985p-gnv3-mfd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84179?format=api", "vulnerability_id": "VCID-9hyk-mdvc-1baq", "summary": "krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71555", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71672", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71578", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71551", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71602", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71625", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7161", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473560", "reference_id": "1473560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473560" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260", "reference_id": "869260", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260" }, { "reference_url": "https://security.archlinux.org/ASA-201710-8", "reference_id": "ASA-201710-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-8" }, { "reference_url": "https://security.archlinux.org/AVG-414", "reference_id": "AVG-414", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-414" }, { "reference_url": "https://security.archlinux.org/AVG-436", "reference_id": "AVG-436", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0666", "reference_id": "RHSA-2018:0666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0666" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-11368" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hyk-mdvc-1baq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47301?format=api", "vulnerability_id": "VCID-bwpn-qxzd-43g8", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-36054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.70859", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.70806", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78217", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78227", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78226", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78158", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-36054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431", "reference_id": "1043431", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230178", "reference_id": "2230178", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230178" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "reference_id": "ef08b09c9459551aabbe7924fb176f1583053cdd", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "reference_id": "krb5-1.20.1-final...krb5-1.20.2-final", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "reference_id": "krb5-1.21-final...krb5-1.21.1-final", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230908-0004/", "reference_id": "ntap-20230908-0004", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230908-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6699", "reference_id": "RHSA-2023:6699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6699" }, { "reference_url": "https://usn.ubuntu.com/6467-1/", "reference_id": "USN-6467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6467-1/" }, { "reference_url": "https://usn.ubuntu.com/6467-2/", "reference_id": "USN-6467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2023-36054" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bwpn-qxzd-43g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82970?format=api", "vulnerability_id": "VCID-fd9s-vn5s-gud6", "summary": "krb5: Reachable assertion in the KDC using S4U2Self requests", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85029", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85007", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85004", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.8576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85779", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.8579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85805", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85801", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85754", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190416-0006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665296", "reference_id": "1665296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665296" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387", "reference_id": "917387", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20217", "reference_id": "CVE-2018-20217", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20217" }, { "reference_url": "https://usn.ubuntu.com/5828-1/", "reference_id": "USN-5828-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5828-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-20217" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fd9s-vn5s-gud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49487?format=api", "vulnerability_id": "VCID-h9q8-x3n3-6qdn", "summary": "A vulnerability in MIT Kerberos 5 could lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79735", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79624", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.7968", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901041", "reference_id": "1901041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901041" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/", "reference_id": "45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/" }, { "reference_url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd", "reference_id": "57415dda6cf04e73ffc3723be518eddfae599bfd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/", "reference_id": "73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880", "reference_id": "973880", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4795", "reference_id": "dsa-4795", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4795" }, { "reference_url": "https://security.gentoo.org/glsa/202011-17", "reference_id": "GLSA-202011-17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://security.gentoo.org/glsa/202011-17" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/", "reference_id": "KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201202-0001/", "reference_id": "ntap-20201202-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20201202-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1593", "reference_id": "RHSA-2021:1593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2239", "reference_id": "RHSA-2021:2239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2239" }, { "reference_url": "https://usn.ubuntu.com/4635-1/", "reference_id": "USN-4635-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4635-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2020-28196" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9q8-x3n3-6qdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77777?format=api", "vulnerability_id": "VCID-khdw-3p5j-vya6", "summary": "krb5: overflow when calculating ulog block size", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42839", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42991", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42978", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42916", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.4296", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42898", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42948", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730", "reference_id": "1094730", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "reference_id": "2342796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342796" }, { "reference_url": "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "reference_id": "78ceba024b64d49612375be4a12d1c066b0bfbd0", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/" } ], "url": "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "reference_id": "krb5-1.21.3-final...krb5-1.22-final", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1352", "reference_id": "RHSA-2025:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2722", "reference_id": "RHSA-2025:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7067", "reference_id": "RHSA-2025:7067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8385", "reference_id": "RHSA-2025:8385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8385" }, { "reference_url": "https://usn.ubuntu.com/7314-1/", "reference_id": "USN-7314-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7314-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053265?format=api", "purl": "pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-24528" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khdw-3p5j-vya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84016?format=api", "vulnerability_id": "VCID-qcva-cb6c-wyds", "summary": "krb5: Automatic sec context deletion could lead to double-free", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77652", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77607", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.7759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77628", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77626", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77533", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77559", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77541", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.7758", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488873", "reference_id": "1488873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488873" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563", "reference_id": "873563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563" }, { "reference_url": "https://security.archlinux.org/ASA-201710-8", "reference_id": "ASA-201710-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-8" }, { "reference_url": "https://security.archlinux.org/ASA-201710-9", "reference_id": "ASA-201710-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-9" }, { "reference_url": "https://security.archlinux.org/AVG-414", "reference_id": "AVG-414", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-414" }, { "reference_url": "https://security.archlinux.org/AVG-415", "reference_id": "AVG-415", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-415" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11462", "reference_id": "CVE-2017-11462", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11462" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-11462" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qcva-cb6c-wyds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83860?format=api", "vulnerability_id": "VCID-r1wa-3gtw-1qey", "summary": "krb5: Buffer overflow in get_matching_data()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87989", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87959", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87972", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88364", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88379", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15088" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4" }, { "reference_url": "https://github.com/krb5/krb5/pull/707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/pull/707" }, { "reference_url": "http://www.securityfocus.com/bid/101594", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101594" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504045", "reference_id": "1504045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504045" }, { "reference_url": "https://security.archlinux.org/AVG-505", "reference_id": "AVG-505", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-505" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15088", "reference_id": "CVE-2017-15088", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15088" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-15088" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1wa-3gtw-1qey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75053?format=api", "vulnerability_id": "VCID-w6yc-w573-vbhy", "summary": "krb5: GSS message token handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67822", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67821", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67807", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67809", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67803", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67732", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67783", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "reference_id": "2294677", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677" }, { "reference_url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_id": "55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/" } ], "url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2856", "reference_id": "AVG-2856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4734", "reference_id": "RHSA-2024:4734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4743", "reference_id": "RHSA-2024:4743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5076", "reference_id": "RHSA-2024:5076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5312", "reference_id": "RHSA-2024:5312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5316", "reference_id": "RHSA-2024:5316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5625", "reference_id": "RHSA-2024:5625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5630", "reference_id": "RHSA-2024:5630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5643", "reference_id": "RHSA-2024:5643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5884", "reference_id": "RHSA-2024:5884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6166", "reference_id": "RHSA-2024:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://usn.ubuntu.com/6947-1/", "reference_id": "USN-6947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6947-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2024-37370" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6yc-w573-vbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47299?format=api", "vulnerability_id": "VCID-zw66-w86u-cuge", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72328", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72455", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72425", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72413", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72333", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72351", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72367", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.7238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72386", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72374", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72415", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996834", "reference_id": "1996834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996834" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607", "reference_id": "992607", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607" }, { "reference_url": "https://security.archlinux.org/AVG-2312", "reference_id": "AVG-2312", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2312" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3576", "reference_id": "RHSA-2021:3576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4788", "reference_id": "RHSA-2021:4788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4788" }, { "reference_url": "https://usn.ubuntu.com/5959-1/", "reference_id": "USN-5959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2021-37750" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zw66-w86u-cuge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83733?format=api", "vulnerability_id": "VCID-zx87-dep4-8bg2", "summary": "krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68328", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68375", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68419", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68406", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68425", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68403", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68451", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535575", "reference_id": "1535575", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535575" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685", "reference_id": "889685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5710" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zx87-dep4-8bg2" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85000?format=api", "vulnerability_id": "VCID-8rxc-tf1r-wqgm", "summary": "krb5: S4U2Self KDC crash when anon is restricted", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00035.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87089", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87175", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87161", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8711", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87137", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87145", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/" }, { "reference_url": "http://web.mit.edu/kerberos/krb5-1.13/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/krb5-1.13/" }, { "reference_url": "http://web.mit.edu/kerberos/krb5-1.14/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/krb5-1.14/" }, { "reference_url": "http://www.securityfocus.com/bid/92132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92132" }, { "reference_url": "http://www.securitytracker.com/id/1036442", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361050", "reference_id": "1361050", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572", "reference_id": "832572", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3120", "reference_id": "CVE-2016-3120", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2591", "reference_id": "RHSA-2016:2591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2016-3120" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8rxc-tf1r-wqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89405?format=api", "vulnerability_id": "VCID-a9bp-26kx-p7cb", "summary": "security flaw", "references": [ { "reference_url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28839", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29049", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29127", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29094", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29005", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29029", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29006", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28961", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583" }, { "reference_url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2005-012.html" }, { "reference_url": "http://www.securityfocus.com/bid/11289", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/11289" }, { "reference_url": "http://www.trustix.org/errata/2004/0050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2004/0050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617336", "reference_id": "1617336", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617336" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271", "reference_id": "278271", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0971", "reference_id": "CVE-2004-0971", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:012", "reference_id": "RHSA-2005:012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:012" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2004-0971" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9bp-26kx-p7cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51591?format=api", "vulnerability_id": "VCID-bnpa-8svd-jyct", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91063", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91048", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90999", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91025", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9105", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/77581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77581" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863", "reference_id": "1275863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088", "reference_id": "803088", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697", "reference_id": "CVE-2015-2697", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2697" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnpa-8svd-jyct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85460?format=api", "vulnerability_id": "VCID-caxe-5ejt-ffgy", "summary": "krb5: IAKERB context export/import", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75213", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75106", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75141", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75153", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75178", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75185", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698" }, { "reference_url": "https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278951", "reference_id": "1278951", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278951" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2698", "reference_id": "CVE-2015-2698", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2698" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2698" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-caxe-5ejt-ffgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62177?format=api", "vulnerability_id": "VCID-fg2w-sjkb-ebgb", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81821", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81797", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81692", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.8175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81754", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81793", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/82801", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82801" }, { "reference_url": "http://www.securitytracker.com/id/1034914", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617", "reference_id": "1302617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296", "reference_id": "813296", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629", "reference_id": "CVE-2015-8629", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8629" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fg2w-sjkb-ebgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85694?format=api", "vulnerability_id": "VCID-j6tv-fz95-3kb8", "summary": "krb5: issues in OTP and PKINIT kdcpreauth modules leading to requires_preauth bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75463", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75465", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75497", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75529", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75527", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75517", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.7556", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75552", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.7559", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216133", "reference_id": "1216133", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216133" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557", "reference_id": "783557", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2154", "reference_id": "RHSA-2015:2154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2154" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2694" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6tv-fz95-3kb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51590?format=api", "vulnerability_id": "VCID-q2tg-s1kk-4bhc", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92264", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92259", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92212", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92225", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92239", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92246", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92258", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.securityfocus.com/bid/90675", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90675" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869", "reference_id": "1275869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084", "reference_id": "803084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696", "reference_id": "CVE-2015-2696", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2696" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2tg-s1kk-4bhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51589?format=api", "vulnerability_id": "VCID-rpxk-f19y-87dq", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.9015", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90119", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90121", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90138", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/90687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90687" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871", "reference_id": "1275871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083", "reference_id": "803083", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695", "reference_id": "CVE-2015-2695", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2695" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpxk-f19y-87dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62179?format=api", "vulnerability_id": "VCID-sgnn-emh7-kqgh", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84508", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84419", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84478", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1034916", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642", "reference_id": "1302642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126", "reference_id": "813126", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631", "reference_id": "CVE-2015-8631", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8631" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgnn-emh7-kqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85294?format=api", "vulnerability_id": "VCID-z6ca-snvn-jyh9", "summary": "krb5: null pointer dereference in kadmin", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00055.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92704", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.9265", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92679", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92684", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92683", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92698", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92697", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119" }, { "reference_url": "https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "http://www.securityfocus.com/bid/85392", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85392" }, { "reference_url": "http://www.securitytracker.com/id/1035399", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035399" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319616", "reference_id": "1319616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319616" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468", "reference_id": "819468", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3119", "reference_id": "CVE-2016-3119", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2591", "reference_id": "RHSA-2016:2591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2016-3119" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6ca-snvn-jyh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85384?format=api", "vulnerability_id": "VCID-zxvf-pz4q-myey", "summary": "krb5: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8342" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86607", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86516", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86564", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86588", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86585", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86578", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1034915", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302632", "reference_id": "1302632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127", "reference_id": "813127", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8630", "reference_id": "CVE-2015-8630", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8630" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxvf-pz4q-myey" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" }