Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/samba@4.11.5-r0?arch=ppc64le&distroversion=v3.11&reponame=main

Type apk

Namespace alpine

Name samba

Version 4.11.5-r0

Qualifiers

arch	ppc64le
distroversion	v3.11
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.11.8-r0

Latest_non_vulnerable_version 4.11.16-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-rsz9-y661-qfce

vulnerability_id VCID-rsz9-y661-qfce

summary There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19344

reference_id

reference_type

scores

value	0.02193
scoring_system	epss
scoring_elements	0.84704
published_at	2026-06-04T12:55:00Z

value	0.02193
scoring_system	epss
scoring_elements	0.84728
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19344

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791204
reference_id	1791204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791204

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499
reference_id	950499
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/4244-1/
reference_id	USN-4244-1
reference_type
scores
url	https://usn.ubuntu.com/4244-1/

fixed_packages

url	pkg:apk/alpine/samba@4.11.5-r0?arch=ppc64le&distroversion=v3.11&reponame=main
purl	pkg:apk/alpine/samba@4.11.5-r0?arch=ppc64le&distroversion=v3.11&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=ppc64le&distroversion=v3.11&reponame=main

aliases CVE-2019-19344

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce

url VCID-u4fr-s35u-8khu

vulnerability_id VCID-u4fr-s35u-8khu

summary There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14902

reference_id

reference_type

scores

value	0.03503
scoring_system	epss
scoring_elements	0.87826
published_at	2026-06-04T12:55:00Z

value	0.03503
scoring_system	epss
scoring_elements	0.87848
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14902

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791201
reference_id	1791201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791201

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/4244-1/
reference_id	USN-4244-1
reference_type
scores
url	https://usn.ubuntu.com/4244-1/

fixed_packages

url	pkg:apk/alpine/samba@4.11.5-r0?arch=ppc64le&distroversion=v3.11&reponame=main
purl	pkg:apk/alpine/samba@4.11.5-r0?arch=ppc64le&distroversion=v3.11&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=ppc64le&distroversion=v3.11&reponame=main

aliases CVE-2019-14902

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=ppc64le&distroversion=v3.11&reponame=main

Package Instance