Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4424?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4424?format=api", "purl": "pkg:deb/debian/samba@2.2.3a-15", "type": "deb", "namespace": "debian", "name": "samba", "version": "2.2.3a-15", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2:4.17.12+dfsg-0+deb12u2", "latest_non_vulnerable_version": "2:4.17.12+dfsg-0+deb12u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3643?format=api", "vulnerability_id": "VCID-1yzz-fu2r-rqgy", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97161", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693", "reference_id": "1004693", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146", "reference_id": "2046146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146" }, { "reference_url": "https://security.archlinux.org/AVG-2648", "reference_id": "AVG-2648", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2648" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0328", "reference_id": "RHSA-2022:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0329", "reference_id": "RHSA-2022:0329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0330", "reference_id": "RHSA-2022:0330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0331", "reference_id": "RHSA-2022:0331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0332", "reference_id": "RHSA-2022:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0457", "reference_id": "RHSA-2022:0457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0458", "reference_id": "RHSA-2022:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0663", "reference_id": "RHSA-2022:0663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0664", "reference_id": "RHSA-2022:0664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0664" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2021-44142" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6202?format=api", "vulnerability_id": "VCID-26vq-jj49-byez", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92965", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642545", "reference_id": "1642545", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642545" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16841" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26vq-jj49-byez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6201?format=api", "vulnerability_id": "VCID-35qh-y7xf-nkdn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.92732", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646377", "reference_id": "1646377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646377" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16851" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35qh-y7xf-nkdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4311?format=api", "vulnerability_id": "VCID-3ddh-cm8f-nuf2", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.95539", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538771", "reference_id": "1538771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538771" }, { "reference_url": "https://security.archlinux.org/ASA-201803-10", "reference_id": "ASA-201803-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-10" }, { "reference_url": "https://security.archlinux.org/AVG-651", "reference_id": "AVG-651", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-651" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1860", "reference_id": "RHSA-2018:1860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1883", "reference_id": "RHSA-2018:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2612", "reference_id": "RHSA-2018:2612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2613", "reference_id": "RHSA-2018:2613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3056", "reference_id": "RHSA-2018:3056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3056" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1050" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100665?format=api", "vulnerability_id": "VCID-4pjr-6tfv-hqgu", "summary": "The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39597", "scoring_system": "epss", "scoring_elements": "0.97384", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288451", "reference_id": "1288451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288451" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-7540" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjr-6tfv-hqgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7023?format=api", "vulnerability_id": "VCID-5tub-1spq-b7c7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43839", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019732", "reference_id": "2019732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019732" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5142", "reference_id": "RHSA-2021:5142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5195", "reference_id": "RHSA-2021:5195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0007", "reference_id": "RHSA-2022:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0076", "reference_id": "RHSA-2022:0076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0076" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25719" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tub-1spq-b7c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6390?format=api", "vulnerability_id": "VCID-688u-s2a3-8fha", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97572", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512465", "reference_id": "1512465", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512465" }, { "reference_url": "https://security.archlinux.org/ASA-201712-1", "reference_id": "ASA-201712-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-1" }, { "reference_url": "https://security.archlinux.org/AVG-535", "reference_id": "AVG-535", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-535" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3260", "reference_id": "RHSA-2017:3260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3261", "reference_id": "RHSA-2017:3261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3278", "reference_id": "RHSA-2017:3278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3278" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15275" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75219?format=api", "vulnerability_id": "VCID-68mw-cr8k-qfgs", "summary": "ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01625", "scoring_system": "epss", "scoring_elements": "0.82196", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281326", "reference_id": "1281326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281326" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0006", "reference_id": "RHSA-2016:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0009", "reference_id": "RHSA-2016:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0014", "reference_id": "RHSA-2016:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0016", "reference_id": "RHSA-2016:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-5330" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100668?format=api", "vulnerability_id": "VCID-6pd7-pxth-3faj", "summary": "The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05663", "scoring_system": "epss", "scoring_elements": "0.90536", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309978", "reference_id": "1309978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309978" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2016-0771" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd7-pxth-3faj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100649?format=api", "vulnerability_id": "VCID-6y1r-n3tf-qbfy", "summary": "Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06902", "scoring_system": "epss", "scoring_elements": "0.91547", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024542", "reference_id": "1024542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024542" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1806", "reference_id": "RHSA-2013:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0009", "reference_id": "RHSA-2014:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2013-4475" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6y1r-n3tf-qbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100657?format=api", "vulnerability_id": "VCID-82sk-6wse-qkbh", "summary": "The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02413", "scoring_system": "epss", "scoring_elements": "0.85384", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108748", "reference_id": "1108748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1108748" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0866", "reference_id": "RHSA-2014:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0867", "reference_id": "RHSA-2014:0867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1009", "reference_id": "RHSA-2014:1009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2014-3493" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82sk-6wse-qkbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100660?format=api", "vulnerability_id": "VCID-8hfr-fp5z-s3c1", "summary": "The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90696", "scoring_system": "epss", "scoring_elements": "0.99637", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0240" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191325", "reference_id": "1191325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191325" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033", "reference_id": "779033", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py", "reference_id": "CVE-2015-0240;OSVDB-118637", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0249", "reference_id": "RHSA-2015:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0250", "reference_id": "RHSA-2015:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0251", "reference_id": "RHSA-2015:0251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0252", "reference_id": "RHSA-2015:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0253", "reference_id": "RHSA-2015:0253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0254", "reference_id": "RHSA-2015:0254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0255", "reference_id": "RHSA-2015:0255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0256", "reference_id": "RHSA-2015:0256", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0256" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0257", "reference_id": "RHSA-2015:0257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-0240" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfr-fp5z-s3c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100675?format=api", "vulnerability_id": "VCID-8tyg-f73c-zuh3", "summary": "Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22744", "scoring_system": "epss", "scoring_elements": "0.95973", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312084", "reference_id": "1312084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312084" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2115" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5845?format=api", "vulnerability_id": "VCID-8ztz-2n8a-gqbm", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88279", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489", "reference_id": "1849489", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3118", "reference_id": "RHSA-2020:3118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3119", "reference_id": "RHSA-2020:3119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4568", "reference_id": "RHSA-2020:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4568" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10730" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6199?format=api", "vulnerability_id": "VCID-92g2-se8k-ybh5", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04908", "scoring_system": "epss", "scoring_elements": "0.89783", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647246", "reference_id": "1647246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647246" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16853" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92g2-se8k-ybh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100666?format=api", "vulnerability_id": "VCID-94d3-5rgf-x3dh", "summary": "The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03995", "scoring_system": "epss", "scoring_elements": "0.88627", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309992", "reference_id": "1309992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0447", "reference_id": "RHSA-2016:0447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0448", "reference_id": "RHSA-2016:0448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0449", "reference_id": "RHSA-2016:0449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0449" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" } ], "aliases": [ "CVE-2015-7560" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6552?format=api", "vulnerability_id": "VCID-apjj-ezss-a3hj", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94176", "scoring_system": "epss", "scoring_elements": "0.99922", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450347", "reference_id": "1450347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450347" }, { "reference_url": "https://security.archlinux.org/ASA-201705-22", "reference_id": "ASA-201705-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201705-22" }, { "reference_url": "https://security.archlinux.org/AVG-279", "reference_id": "AVG-279", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-279" }, { "reference_url": "https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb", "reference_id": "CVE-2017-7494", "reference_type": "exploit", "scores": [], "url": "https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py", "reference_id": "CVE-2017-7494", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb", "reference_id": "CVE-2017-7494", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1270", "reference_id": "RHSA-2017:1270", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1270" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1271", "reference_id": "RHSA-2017:1271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1272", "reference_id": "RHSA-2017:1272", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1272" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1273", "reference_id": "RHSA-2017:1273", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1390", "reference_id": "RHSA-2017:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1390" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" } ], "aliases": [ "CVE-2017-7494" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apjj-ezss-a3hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100653?format=api", "vulnerability_id": "VCID-b1ja-e7jm-gbhc", "summary": "Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02302", "scoring_system": "epss", "scoring_elements": "0.85036", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101992", "reference_id": "1101992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101992" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0867", "reference_id": "RHSA-2014:0867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1009", "reference_id": "RHSA-2014:1009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2014-0178" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1ja-e7jm-gbhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4668?format=api", "vulnerability_id": "VCID-b9y4-s6nz-kkby", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75432", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1392702", "reference_id": "1392702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1392702" }, { "reference_url": "https://security.archlinux.org/ASA-201612-19", "reference_id": "ASA-201612-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-19" }, { "reference_url": "https://security.archlinux.org/AVG-111", "reference_id": "AVG-111", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-111" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" } ], "aliases": [ "CVE-2016-2123" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9y4-s6nz-kkby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100663?format=api", "vulnerability_id": "VCID-c99r-m2v5-zqa3", "summary": "The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09138", "scoring_system": "epss", "scoring_elements": "0.92829", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276126", "reference_id": "1276126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276126" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0006", "reference_id": "RHSA-2016:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0011", "reference_id": "RHSA-2016:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0016", "reference_id": "RHSA-2016:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" } ], "aliases": [ "CVE-2015-5299" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c99r-m2v5-zqa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6203?format=api", "vulnerability_id": "VCID-dtxj-7cam-x3g9", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.92753", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625449", "reference_id": "1625449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625449" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-14629" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtxj-7cam-x3g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7018?format=api", "vulnerability_id": "VCID-dzyk-akhc-t7d2", "summary": "silent downgrade", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72361", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019660", "reference_id": "2019660", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019660" }, { "reference_url": "https://security.archlinux.org/AVG-2539", "reference_id": "AVG-2539", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2539" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4844", "reference_id": "RHSA-2021:4844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5192", "reference_id": "RHSA-2021:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0074", "reference_id": "RHSA-2022:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0074" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2016-2124" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100670?format=api", "vulnerability_id": "VCID-eaxm-5jgj-eqcg", "summary": "The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.864", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311902", "reference_id": "1311902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311902" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0621", "reference_id": "RHSA-2016:0621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0623", "reference_id": "RHSA-2016:0623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0625", "reference_id": "RHSA-2016:0625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0625" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2111" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100676?format=api", "vulnerability_id": "VCID-egeg-4ds7-d3d1", "summary": "The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka \"BADLOCK.\"", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.78522", "scoring_system": "epss", "scoring_elements": "0.99061", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317990", "reference_id": "1317990", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317990" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0621", "reference_id": "RHSA-2016:0621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0623", "reference_id": "RHSA-2016:0623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0625", "reference_id": "RHSA-2016:0625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0625" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2118" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100672?format=api", "vulnerability_id": "VCID-enbr-g8ae-ubbc", "summary": "Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04197", "scoring_system": "epss", "scoring_elements": "0.88919", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311910", "reference_id": "1311910", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311910" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2113" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enbr-g8ae-ubbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100648?format=api", "vulnerability_id": "VCID-et6f-6gtc-5ues", "summary": "Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0295", "scoring_system": "epss", "scoring_elements": "0.86719", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018032", "reference_id": "1018032", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018032" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1805", "reference_id": "RHSA-2013:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1806", "reference_id": "RHSA-2013:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0009", "reference_id": "RHSA-2014:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2013-4408" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-et6f-6gtc-5ues" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100656?format=api", "vulnerability_id": "VCID-j317-uv8e-6fgn", "summary": "The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20011", "scoring_system": "epss", "scoring_elements": "0.95588", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815", "reference_id": "1097815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815" }, { "reference_url": "https://security.gentoo.org/glsa/201502-15", "reference_id": "GLSA-201502-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0866", "reference_id": "RHSA-2014:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0867", "reference_id": "RHSA-2014:0867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1009", "reference_id": "RHSA-2014:1009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2014-0244" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j317-uv8e-6fgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6391?format=api", "vulnerability_id": "VCID-jmm9-r3u7-zufe", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31253", "scoring_system": "epss", "scoring_elements": "0.96859", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511899", "reference_id": "1511899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511899" }, { "reference_url": "https://security.archlinux.org/ASA-201712-1", "reference_id": "ASA-201712-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-1" }, { "reference_url": "https://security.archlinux.org/AVG-535", "reference_id": "AVG-535", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-535" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3260", "reference_id": "RHSA-2017:3260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3261", "reference_id": "RHSA-2017:3261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3278", "reference_id": "RHSA-2017:3278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3278" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14746" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4310?format=api", "vulnerability_id": "VCID-jnby-fw2x-xyf4", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92075", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553", "reference_id": "1553553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553" }, { "reference_url": "https://security.archlinux.org/ASA-201803-10", "reference_id": "ASA-201803-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-10" }, { "reference_url": "https://security.archlinux.org/AVG-651", "reference_id": "AVG-651", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-651" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1057" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jnby-fw2x-xyf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7021?format=api", "vulnerability_id": "VCID-kwqt-87ga-1bbn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61724", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019764", "reference_id": "2019764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019764" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25722" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwqt-87ga-1bbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100664?format=api", "vulnerability_id": "VCID-m364-w7f6-aug7", "summary": "Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21108", "scoring_system": "epss", "scoring_elements": "0.95764", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309987", "reference_id": "1309987", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1309987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2015-5370" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5843?format=api", "vulnerability_id": "VCID-m8f3-3jf6-2bdy", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85198", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849509", "reference_id": "1849509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849509" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10760" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f3-3jf6-2bdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5842?format=api", "vulnerability_id": "VCID-mxk6-6rwy-hfa3", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26364", "scoring_system": "epss", "scoring_elements": "0.96413", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851298", "reference_id": "1851298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851298" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-14303" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxk6-6rwy-hfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4666?format=api", "vulnerability_id": "VCID-n6xc-pvqq-9bgs", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04506", "scoring_system": "epss", "scoring_elements": "0.89323", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403115", "reference_id": "1403115", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403115" }, { "reference_url": "https://security.archlinux.org/ASA-201612-19", "reference_id": "ASA-201612-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-19" }, { "reference_url": "https://security.archlinux.org/AVG-111", "reference_id": "AVG-111", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0494", "reference_id": "RHSA-2017:0494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0495", "reference_id": "RHSA-2017:0495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0662", "reference_id": "RHSA-2017:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0744", "reference_id": "RHSA-2017:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1265", "reference_id": "RHSA-2017:1265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" } ], "aliases": [ "CVE-2016-2126" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xc-pvqq-9bgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6198?format=api", "vulnerability_id": "VCID-njb3-9hmh-s3cg", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84863", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649278", "reference_id": "1649278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649278" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njb3-9hmh-s3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100673?format=api", "vulnerability_id": "VCID-p4mk-1t9q-sbb3", "summary": "The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"server signing = mandatory\" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05863", "scoring_system": "epss", "scoring_elements": "0.90727", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312082", "reference_id": "1312082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312082" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2114" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5844?format=api", "vulnerability_id": "VCID-qn5w-t24w-xye5", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.95539", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849491", "reference_id": "1849491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849491" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qn5w-t24w-xye5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=api", "vulnerability_id": "VCID-r7zv-4yyc-mqeu", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67053", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672", "reference_id": "2019672", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4844", "reference_id": "RHSA-2021:4844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5192", "reference_id": "RHSA-2021:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0074", "reference_id": "RHSA-2022:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0133", "reference_id": "RHSA-2022:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0443", "reference_id": "RHSA-2022:0443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0443" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25717" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100667?format=api", "vulnerability_id": "VCID-sdjf-rkjd-sudg", "summary": "The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01714", "scoring_system": "epss", "scoring_elements": "0.82702", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290294", "reference_id": "1290294", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290294" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-8467" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjf-rkjd-sudg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6200?format=api", "vulnerability_id": "VCID-sg5x-7v6b-ffgk", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02897", "scoring_system": "epss", "scoring_elements": "0.86592", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646386", "reference_id": "1646386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646386" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16852" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sg5x-7v6b-ffgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7022?format=api", "vulnerability_id": "VCID-ssh4-ukvg-5fej", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58908", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728", "reference_id": "2021728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25721" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssh4-ukvg-5fej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75218?format=api", "vulnerability_id": "VCID-tyhs-5xjv-c7b5", "summary": "The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20255", "scoring_system": "epss", "scoring_elements": "0.95629", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290287", "reference_id": "1290287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290287" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0009", "reference_id": "RHSA-2016:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0014", "reference_id": "RHSA-2016:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0014" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-3223" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7024?format=api", "vulnerability_id": "VCID-uwmy-xe5s-yubn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41646", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019726", "reference_id": "2019726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019726" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25718" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwmy-xe5s-yubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4667?format=api", "vulnerability_id": "VCID-vedj-x1yz-3uec", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08663", "scoring_system": "epss", "scoring_elements": "0.92601", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403114", "reference_id": "1403114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403114" }, { "reference_url": "https://security.archlinux.org/ASA-201612-19", "reference_id": "ASA-201612-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-19" }, { "reference_url": "https://security.archlinux.org/AVG-111", "reference_id": "AVG-111", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0494", "reference_id": "RHSA-2017:0494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0495", "reference_id": "RHSA-2017:0495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0662", "reference_id": "RHSA-2017:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0744", "reference_id": "RHSA-2017:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1265", "reference_id": "RHSA-2017:1265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" } ], "aliases": [ "CVE-2016-2125" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vedj-x1yz-3uec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100669?format=api", "vulnerability_id": "VCID-vtne-we7s-tuet", "summary": "The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17748", "scoring_system": "epss", "scoring_elements": "0.95244", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311893", "reference_id": "1311893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311893" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0621", "reference_id": "RHSA-2016:0621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0623", "reference_id": "RHSA-2016:0623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0625", "reference_id": "RHSA-2016:0625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0625" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2110" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100661?format=api", "vulnerability_id": "VCID-x55t-cux2-q3gw", "summary": "vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17333", "scoring_system": "epss", "scoring_elements": "0.95169", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290288", "reference_id": "1290288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290288" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0006", "reference_id": "RHSA-2016:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0011", "reference_id": "RHSA-2016:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0016", "reference_id": "RHSA-2016:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-5252" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x55t-cux2-q3gw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100686?format=api", "vulnerability_id": "VCID-xvjy-amhr-z3d8", "summary": "Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47493", "scoring_system": "epss", "scoring_elements": "0.97756", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472", "reference_id": "1429472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429472" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1039", "reference_id": "CVE-2017-2619", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1039" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt", "reference_id": "CVE-2017-2619", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1265", "reference_id": "RHSA-2017:1265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2338", "reference_id": "RHSA-2017:2338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2778", "reference_id": "RHSA-2017:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2789", "reference_id": "RHSA-2017:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2789" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" } ], "aliases": [ "CVE-2017-2619" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjy-amhr-z3d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100671?format=api", "vulnerability_id": "VCID-yt92-mfwy-z7er", "summary": "The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"client ldap sasl wrapping\" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16609", "scoring_system": "epss", "scoring_elements": "0.95043", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311903", "reference_id": "1311903", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311903" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0611", "reference_id": "RHSA-2016:0611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0612", "reference_id": "RHSA-2016:0612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0613", "reference_id": "RHSA-2016:0613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0614", "reference_id": "RHSA-2016:0614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0618", "reference_id": "RHSA-2016:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0619", "reference_id": "RHSA-2016:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0620", "reference_id": "RHSA-2016:0620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0624", "reference_id": "RHSA-2016:0624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0624" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4432?format=api", "purl": "pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2016-2112" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100662?format=api", "vulnerability_id": "VCID-zfyb-9wrs-eyfx", "summary": "Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03652", "scoring_system": "epss", "scoring_elements": "0.88073", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290292", "reference_id": "1290292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290292" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0006", "reference_id": "RHSA-2016:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0011", "reference_id": "RHSA-2016:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0016", "reference_id": "RHSA-2016:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4431?format=api", "purl": "pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-c99r-m2v5-zqa3" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-yt92-mfwy-z7er" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7" } ], "aliases": [ "CVE-2015-5296" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyb-9wrs-eyfx" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.3a-15" }