Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main

Type apk

Namespace alpine

Name samba

Version 4.12.9-r0

Qualifiers

arch	aarch64
distroversion	v3.20
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.14.2-r0

Latest_non_vulnerable_version 4.18.9-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7q6r-9cgn-5kfp

vulnerability_id VCID-7q6r-9cgn-5kfp

summary A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14318

reference_id

reference_type

scores

value	0.00157
scoring_system	epss
scoring_elements	0.36232
published_at	2026-06-04T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36336
published_at	2026-06-06T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36327
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1892631

reference_id

1892631

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1892631

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400
reference_id	973400
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400

reference_url

https://www.samba.org/samba/security/CVE-2020-14318.html

reference_id

CVE-2020-14318.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://www.samba.org/samba/security/CVE-2020-14318.html

reference_url

https://security.gentoo.org/glsa/202012-24

reference_id

GLSA-202012-24

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://security.gentoo.org/glsa/202012-24

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2020:5439
reference_id	RHSA-2020:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5439

reference_url	https://access.redhat.com/errata/RHSA-2021:1647
reference_id	RHSA-2021:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1647

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

fixed_packages

url	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.12.9-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

aliases CVE-2020-14318

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6r-9cgn-5kfp

url VCID-m1qp-m1d3-nbgw

vulnerability_id VCID-m1qp-m1d3-nbgw

summary A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14323

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.62414
published_at	2026-06-06T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6236
published_at	2026-06-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62406
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14323

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1891685

reference_id

1891685

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1891685

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399
reference_id	973399
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399

reference_url

https://www.samba.org/samba/security/CVE-2020-14323.html

reference_id

CVE-2020-14323.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://www.samba.org/samba/security/CVE-2020-14323.html

reference_url

https://security.gentoo.org/glsa/202012-24

reference_id

GLSA-202012-24

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://security.gentoo.org/glsa/202012-24

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/

reference_id

JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_id

msg00041.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_url

https://security.netapp.com/advisory/ntap-20201103-0001/

reference_id

ntap-20201103-0001

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://security.netapp.com/advisory/ntap-20201103-0001/

reference_url	https://access.redhat.com/errata/RHSA-2020:5439
reference_id	RHSA-2020:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5439

reference_url	https://access.redhat.com/errata/RHSA-2021:1647
reference_id	RHSA-2021:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1647

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/

reference_id

W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/

fixed_packages

url	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.12.9-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

aliases CVE-2020-14323

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qp-m1d3-nbgw

url VCID-t35b-ur7m-vqeu

vulnerability_id VCID-t35b-ur7m-vqeu

summary A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14383

reference_id

reference_type

scores

value	0.00465
scoring_system	epss
scoring_elements	0.64688
published_at	2026-06-04T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64738
published_at	2026-06-06T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64729
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

reference_id

1892636

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398
reference_id	973398
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398

reference_url

https://www.samba.org/samba/security/CVE-2020-14383.html

reference_id

CVE-2020-14383.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://www.samba.org/samba/security/CVE-2020-14383.html

reference_url

https://security.gentoo.org/glsa/202012-24

reference_id

GLSA-202012-24

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://security.gentoo.org/glsa/202012-24

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

fixed_packages

url	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/samba@4.12.9-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.12.9-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

aliases CVE-2020-14383

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t35b-ur7m-vqeu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.12.9-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

Package Instance