Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
Type apk
Namespace alpine
Name heimdal
Version 7.7.1-r0
Qualifiers
arch x86
distroversion v3.16
reponame main
Subpath
Is_vulnerable false
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-32zs-v5dt-q3dm
vulnerability_id VCID-32zs-v5dt-q3dm
summary Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44758
reference_id
reference_type
scores
0
value 0.00349
scoring_system epss
scoring_elements 0.5767
published_at 2026-06-04T12:55:00Z
1
value 0.00349
scoring_system epss
scoring_elements 0.57722
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44758
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
8
reference_url https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580
reference_id f9ec7002cdd526ae84fbacbf153162e118f22580
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:56:38Z/
url https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580
9
reference_url https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv
reference_id GHSA-69h9-669w-88xv
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:56:38Z/
url https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv
10
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:56:38Z/
url https://security.gentoo.org/glsa/202310-06
11
reference_url https://usn.ubuntu.com/5800-1/
reference_id USN-5800-1
reference_type
scores
url https://usn.ubuntu.com/5800-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2021-44758
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32zs-v5dt-q3dm
1
url VCID-7rsk-suge-a7b4
vulnerability_id VCID-7rsk-suge-a7b4
summary Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44640
reference_id
reference_type
scores
0
value 0.01611
scoring_system epss
scoring_elements 0.82104
published_at 2026-06-04T12:55:00Z
1
value 0.01611
scoring_system epss
scoring_elements 0.82133
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44640
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
8
reference_url https://github.com/heimdal/heimdal/security/advisories/GHSA-88pm-hfmq-7vv4
reference_id GHSA-88pm-hfmq-7vv4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T13:20:08Z/
url https://github.com/heimdal/heimdal/security/advisories/GHSA-88pm-hfmq-7vv4
9
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T13:20:08Z/
url https://security.gentoo.org/glsa/202310-06
10
reference_url https://security.netapp.com/advisory/ntap-20230216-0008/
reference_id ntap-20230216-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-15T13:20:08Z/
url https://security.netapp.com/advisory/ntap-20230216-0008/
11
reference_url https://usn.ubuntu.com/5800-1/
reference_id USN-5800-1
reference_type
scores
url https://usn.ubuntu.com/5800-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2022-44640
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7rsk-suge-a7b4
2
url VCID-np9m-wq3n-j7cq
vulnerability_id VCID-np9m-wq3n-j7cq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3437
reference_id
reference_type
scores
0
value 0.00727
scoring_system epss
scoring_elements 0.73025
published_at 2026-06-05T12:55:00Z
1
value 0.00727
scoring_system epss
scoring_elements 0.72987
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3437
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
13
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
14
reference_url http://www.openwall.com/lists/oss-security/2023/02/08/1
reference_id 1
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url http://www.openwall.com/lists/oss-security/2023/02/08/1
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137774
reference_id 2137774
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2137774
17
reference_url https://security.archlinux.org/AVG-2828
reference_id AVG-2828
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2828
18
reference_url https://access.redhat.com/security/cve/CVE-2022-3437
reference_id CVE-2022-3437
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://access.redhat.com/security/cve/CVE-2022-3437
19
reference_url https://www.samba.org/samba/security/CVE-2022-3437.html
reference_id CVE-2022-3437.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://www.samba.org/samba/security/CVE-2022-3437.html
20
reference_url https://security.gentoo.org/glsa/202309-06
reference_id GLSA-202309-06
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://security.gentoo.org/glsa/202309-06
21
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://security.gentoo.org/glsa/202310-06
22
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
23
reference_url https://security.netapp.com/advisory/ntap-20230216-0008/
reference_id ntap-20230216-0008
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/
url https://security.netapp.com/advisory/ntap-20230216-0008/
24
reference_url https://usn.ubuntu.com/5800-1/
reference_id USN-5800-1
reference_type
scores
url https://usn.ubuntu.com/5800-1/
25
reference_url https://usn.ubuntu.com/5822-1/
reference_id USN-5822-1
reference_type
scores
url https://usn.ubuntu.com/5822-1/
26
reference_url https://usn.ubuntu.com/5936-1/
reference_id USN-5936-1
reference_type
scores
url https://usn.ubuntu.com/5936-1/
27
reference_url https://usn.ubuntu.com/7582-1/
reference_id USN-7582-1
reference_type
scores
url https://usn.ubuntu.com/7582-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2022-3437
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-np9m-wq3n-j7cq
3
url VCID-qc3q-ht1m-aqdx
vulnerability_id VCID-qc3q-ht1m-aqdx
summary The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45142.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45142.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45142
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25178
published_at 2026-06-04T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25274
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45142
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45142
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45142
3
reference_url https://www.openwall.com/lists/oss-security/2023/02/08/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-06T20:20:44Z/
url https://www.openwall.com/lists/oss-security/2023/02/08/1
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030849
reference_id 1030849
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030849
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2166672
reference_id 2166672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2166672
6
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-06T20:20:44Z/
url https://security.gentoo.org/glsa/202310-06
7
reference_url https://usn.ubuntu.com/5849-1/
reference_id USN-5849-1
reference_type
scores
url https://usn.ubuntu.com/5849-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2022-45142
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qc3q-ht1m-aqdx
4
url VCID-r3n1-q8uv-cfbb
vulnerability_id VCID-r3n1-q8uv-cfbb
summary All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14870
reference_id
reference_type
scores
0
value 0.04669
scoring_system epss
scoring_elements 0.89506
published_at 2026-06-04T12:55:00Z
1
value 0.04669
scoring_system epss
scoring_elements 0.89525
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14870
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1778589
reference_id 1778589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1778589
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786
reference_id 946786
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786
6
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
7
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
url https://security.gentoo.org/glsa/202310-06
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2019-14870
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3n1-q8uv-cfbb
5
url VCID-wc2t-bbf1-mua5
vulnerability_id VCID-wc2t-bbf1-mua5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42898
reference_id
reference_type
scores
0
value 0.10832
scoring_system epss
scoring_elements 0.935
published_at 2026-06-04T12:55:00Z
1
value 0.10832
scoring_system epss
scoring_elements 0.9351
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42898
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267
reference_id 1024267
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140960
reference_id 2140960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140960
12
reference_url https://web.mit.edu/kerberos/advisories/
reference_id advisories
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/advisories/
13
reference_url https://security.archlinux.org/AVG-2828
reference_id AVG-2828
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2828
14
reference_url https://www.samba.org/samba/security/CVE-2022-42898.html
reference_id CVE-2022-42898.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://www.samba.org/samba/security/CVE-2022-42898.html
15
reference_url https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
reference_id ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
16
reference_url https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
reference_id GHSA-64mq-fvfj-5x3c
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
17
reference_url https://security.gentoo.org/glsa/202309-06
reference_id GLSA-202309-06
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.gentoo.org/glsa/202309-06
18
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.gentoo.org/glsa/202310-06
19
reference_url https://security.gentoo.org/glsa/202405-11
reference_id GLSA-202405-11
reference_type
scores
url https://security.gentoo.org/glsa/202405-11
20
reference_url https://web.mit.edu/kerberos/krb5-1.19/
reference_id krb5-1.19
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/krb5-1.19/
21
reference_url https://security.netapp.com/advisory/ntap-20230216-0008/
reference_id ntap-20230216-0008
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.netapp.com/advisory/ntap-20230216-0008/
22
reference_url https://security.netapp.com/advisory/ntap-20230223-0001/
reference_id ntap-20230223-0001
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.netapp.com/advisory/ntap-20230223-0001/
23
reference_url https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
reference_id README-1.20.1.txt
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
24
reference_url https://access.redhat.com/errata/RHSA-2022:8637
reference_id RHSA-2022:8637
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8637
25
reference_url https://access.redhat.com/errata/RHSA-2022:8638
reference_id RHSA-2022:8638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8638
26
reference_url https://access.redhat.com/errata/RHSA-2022:8639
reference_id RHSA-2022:8639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8639
27
reference_url https://access.redhat.com/errata/RHSA-2022:8640
reference_id RHSA-2022:8640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8640
28
reference_url https://access.redhat.com/errata/RHSA-2022:8641
reference_id RHSA-2022:8641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8641
29
reference_url https://access.redhat.com/errata/RHSA-2022:8648
reference_id RHSA-2022:8648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8648
30
reference_url https://access.redhat.com/errata/RHSA-2022:8662
reference_id RHSA-2022:8662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8662
31
reference_url https://access.redhat.com/errata/RHSA-2022:8663
reference_id RHSA-2022:8663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8663
32
reference_url https://access.redhat.com/errata/RHSA-2022:8669
reference_id RHSA-2022:8669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8669
33
reference_url https://access.redhat.com/errata/RHSA-2022:9029
reference_id RHSA-2022:9029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9029
34
reference_url https://bugzilla.samba.org/show_bug.cgi?id=15203
reference_id show_bug.cgi?id=15203
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://bugzilla.samba.org/show_bug.cgi?id=15203
35
reference_url https://usn.ubuntu.com/5800-1/
reference_id USN-5800-1
reference_type
scores
url https://usn.ubuntu.com/5800-1/
36
reference_url https://usn.ubuntu.com/5822-1/
reference_id USN-5822-1
reference_type
scores
url https://usn.ubuntu.com/5822-1/
37
reference_url https://usn.ubuntu.com/5828-1/
reference_id USN-5828-1
reference_type
scores
url https://usn.ubuntu.com/5828-1/
38
reference_url https://usn.ubuntu.com/5936-1/
reference_id USN-5936-1
reference_type
scores
url https://usn.ubuntu.com/5936-1/
39
reference_url https://usn.ubuntu.com/7582-1/
reference_id USN-7582-1
reference_type
scores
url https://usn.ubuntu.com/7582-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2022-42898
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc2t-bbf1-mua5
6
url VCID-x8wd-mfqy-tfd3
vulnerability_id VCID-x8wd-mfqy-tfd3
summary Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41916
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55589
published_at 2026-06-04T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55645
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41916
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
8
reference_url https://www.debian.org/security/2022/dsa-5287
reference_id dsa-5287
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:33Z/
url https://www.debian.org/security/2022/dsa-5287
9
reference_url https://github.com/heimdal/heimdal/security/advisories/GHSA-mgqr-gvh6-23cx
reference_id GHSA-mgqr-gvh6-23cx
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:33Z/
url https://github.com/heimdal/heimdal/security/advisories/GHSA-mgqr-gvh6-23cx
10
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:33Z/
url https://security.gentoo.org/glsa/202310-06
11
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html
reference_id msg00034.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:33Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00034.html
12
reference_url https://security.netapp.com/advisory/ntap-20230216-0008/
reference_id ntap-20230216-0008
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:54:33Z/
url https://security.netapp.com/advisory/ntap-20230216-0008/
13
reference_url https://usn.ubuntu.com/5766-1/
reference_id USN-5766-1
reference_type
scores
url https://usn.ubuntu.com/5766-1/
fixed_packages
0
url pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
purl pkg:apk/alpine/heimdal@7.7.1-r0?arch=x86&distroversion=v3.16&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main
aliases CVE-2022-41916
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8wd-mfqy-tfd3
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/heimdal@7.7.1-r0%3Farch=x86&distroversion=v3.16&reponame=main