Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
Type apk
Namespace alpine
Name samba
Version 4.8.4-r0
Qualifiers
arch x86
distroversion v3.9
reponame main
Subpath
Is_vulnerable false
Next_non_vulnerable_version 4.8.7-r0
Latest_non_vulnerable_version 4.8.12-r2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1drk-e3vx-wbe8
vulnerability_id VCID-1drk-e3vx-wbe8
summary A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1139
reference_id
reference_type
scores
0
value 0.0162
scoring_system epss
scoring_elements 0.82164
published_at 2026-06-04T12:55:00Z
1
value 0.0162
scoring_system epss
scoring_elements 0.82193
published_at 2026-06-05T12:55:00Z
2
value 0.0162
scoring_system epss
scoring_elements 0.82195
published_at 2026-06-06T12:55:00Z
3
value 0.0162
scoring_system epss
scoring_elements 0.82196
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1139
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1589651
reference_id 1589651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1589651
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
6
reference_url https://access.redhat.com/errata/RHSA-2018:2612
reference_id RHSA-2018:2612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2612
7
reference_url https://access.redhat.com/errata/RHSA-2018:2613
reference_id RHSA-2018:2613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2613
8
reference_url https://access.redhat.com/errata/RHSA-2018:3056
reference_id RHSA-2018:3056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3056
9
reference_url https://usn.ubuntu.com/3738-1/
reference_id USN-3738-1
reference_type
scores
url https://usn.ubuntu.com/3738-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main
aliases CVE-2018-1139
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-e3vx-wbe8
1
url VCID-5uh7-w6s9-47gr
vulnerability_id VCID-5uh7-w6s9-47gr
summary The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10919
reference_id
reference_type
scores
0
value 0.01373
scoring_system epss
scoring_elements 0.80567
published_at 2026-06-04T12:55:00Z
1
value 0.01373
scoring_system epss
scoring_elements 0.80594
published_at 2026-06-05T12:55:00Z
2
value 0.01373
scoring_system epss
scoring_elements 0.80596
published_at 2026-06-06T12:55:00Z
3
value 0.01373
scoring_system epss
scoring_elements 0.80592
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10919
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1610645
reference_id 1610645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1610645
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
6
reference_url https://usn.ubuntu.com/3738-1/
reference_id USN-3738-1
reference_type
scores
url https://usn.ubuntu.com/3738-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main
aliases CVE-2018-10919
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5uh7-w6s9-47gr
2
url VCID-jeut-pn1j-gfg6
vulnerability_id VCID-jeut-pn1j-gfg6
summary A heap-buffer overflow was found in the way samba clients processed an extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10858
reference_id
reference_type
scores
0
value 0.0594
scoring_system epss
scoring_elements 0.90803
published_at 2026-06-04T12:55:00Z
1
value 0.0594
scoring_system epss
scoring_elements 0.90817
published_at 2026-06-06T12:55:00Z
2
value 0.0594
scoring_system epss
scoring_elements 0.90815
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10858
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1612805
reference_id 1612805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1612805
6
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
7
reference_url https://access.redhat.com/errata/RHSA-2018:2612
reference_id RHSA-2018:2612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2612
8
reference_url https://access.redhat.com/errata/RHSA-2018:2613
reference_id RHSA-2018:2613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2613
9
reference_url https://access.redhat.com/errata/RHSA-2018:3056
reference_id RHSA-2018:3056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3056
10
reference_url https://access.redhat.com/errata/RHSA-2018:3470
reference_id RHSA-2018:3470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3470
11
reference_url https://usn.ubuntu.com/3738-1/
reference_id USN-3738-1
reference_type
scores
url https://usn.ubuntu.com/3738-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main
aliases CVE-2018-10858
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeut-pn1j-gfg6
3
url VCID-tbhp-xkw4-hucg
vulnerability_id VCID-tbhp-xkw4-hucg
summary A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10918
reference_id
reference_type
scores
0
value 0.04739
scoring_system epss
scoring_elements 0.89599
published_at 2026-06-04T12:55:00Z
1
value 0.04739
scoring_system epss
scoring_elements 0.89616
published_at 2026-06-06T12:55:00Z
2
value 0.04739
scoring_system epss
scoring_elements 0.89614
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10918
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1610640
reference_id 1610640
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1610640
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
6
reference_url https://usn.ubuntu.com/3738-1/
reference_id USN-3738-1
reference_type
scores
url https://usn.ubuntu.com/3738-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main
aliases CVE-2018-10918
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbhp-xkw4-hucg
4
url VCID-zcfp-hhne-tuf2
vulnerability_id VCID-zcfp-hhne-tuf2
summary A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as an Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1140
reference_id
reference_type
scores
0
value 0.14432
scoring_system epss
scoring_elements 0.94554
published_at 2026-06-04T12:55:00Z
1
value 0.14432
scoring_system epss
scoring_elements 0.94563
published_at 2026-06-05T12:55:00Z
2
value 0.14432
scoring_system epss
scoring_elements 0.94564
published_at 2026-06-06T12:55:00Z
3
value 0.14432
scoring_system epss
scoring_elements 0.94566
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1140
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1580230
reference_id 1580230
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1580230
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
fixed_packages
0
url pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
purl pkg:apk/alpine/samba@4.8.4-r0?arch=x86&distroversion=v3.9&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main
aliases CVE-2018-1140
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zcfp-hhne-tuf2
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.8.4-r0%3Farch=x86&distroversion=v3.9&reponame=main