Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/5328?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/5328?format=api", "purl": "pkg:deb/debian/ldb@1:1.1.17-1~bpo70%2B1", "type": "deb", "namespace": "debian", "name": "ldb", "version": "1:1.1.17-1~bpo70+1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2:2.2.3-2~deb11u2", "latest_non_vulnerable_version": "2:2.2.3-2~deb11u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75222?format=api", "vulnerability_id": "VCID-5tc4-e6tj-3qfa", "summary": "A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20277.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20277.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09838", "scoring_system": "epss", "scoring_elements": "0.93121", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09838", "scoring_system": "epss", "scoring_elements": "0.93132", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.09838", "scoring_system": "epss", "scoring_elements": "0.93131", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941402", "reference_id": "1941402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941402" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985935", "reference_id": "985935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985935" }, { "reference_url": "https://security.archlinux.org/AVG-1732", "reference_id": "AVG-1732", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1732" }, { "reference_url": "https://security.archlinux.org/AVG-1734", "reference_id": "AVG-1734", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1734" }, { "reference_url": "https://security.gentoo.org/glsa/202105-22", "reference_id": "GLSA-202105-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1072", "reference_id": "RHSA-2021:1072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1197", "reference_id": "RHSA-2021:1197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1213", "reference_id": "RHSA-2021:1213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1214", "reference_id": "RHSA-2021:1214", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2331", "reference_id": "RHSA-2021:2331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2786", "reference_id": "RHSA-2021:2786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2786" }, { "reference_url": "https://usn.ubuntu.com/4888-1/", "reference_id": "USN-4888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4888-1/" }, { "reference_url": "https://usn.ubuntu.com/4888-2/", "reference_id": "USN-4888-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4888-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5332?format=api", "purl": "pkg:deb/debian/ldb@2:1.5.1%2Breally1.4.6-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.5.1%252Breally1.4.6-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5925?format=api", "purl": "pkg:deb/debian/ldb@2:2.2.3-2~deb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:2.2.3-2~deb11u2" } ], "aliases": [ "CVE-2021-20277" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tc4-e6tj-3qfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75219?format=api", "vulnerability_id": "VCID-68mw-cr8k-qfgs", "summary": "ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01625", "scoring_system": "epss", "scoring_elements": "0.82196", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01625", "scoring_system": "epss", "scoring_elements": "0.82225", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01625", "scoring_system": "epss", "scoring_elements": "0.82226", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281326", "reference_id": "1281326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281326" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0006", "reference_id": "RHSA-2016:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0009", "reference_id": "RHSA-2016:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0010", "reference_id": "RHSA-2016:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0014", "reference_id": "RHSA-2016:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0015", "reference_id": "RHSA-2016:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0016", "reference_id": "RHSA-2016:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0016" }, { "reference_url": "https://usn.ubuntu.com/2855-1/", "reference_id": "USN-2855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2855-1/" }, { "reference_url": "https://usn.ubuntu.com/2856-1/", "reference_id": "USN-2856-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2856-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5331?format=api", "purl": "pkg:deb/debian/ldb@2:1.1.27-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-vutz-f18f-z7a2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.1.27-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-5330" ], "risk_score": 1.0, "exploitability": "0.5", "weighted_severity": "2.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5845?format=api", "vulnerability_id": "VCID-8ztz-2n8a-gqbm", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88279", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88298", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88301", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489", "reference_id": "1849489", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3118", "reference_id": "RHSA-2020:3118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3119", "reference_id": "RHSA-2020:3119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4568", "reference_id": "RHSA-2020:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4568" }, { "reference_url": "https://usn.ubuntu.com/4409-1/", "reference_id": "USN-4409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5332?format=api", "purl": "pkg:deb/debian/ldb@2:1.5.1%2Breally1.4.6-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.5.1%252Breally1.4.6-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5925?format=api", "purl": "pkg:deb/debian/ldb@2:2.2.3-2~deb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:2.2.3-2~deb11u2" } ], "aliases": [ "CVE-2020-10730" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75221?format=api", "vulnerability_id": "VCID-e2b4-vjgq-sbdq", "summary": "A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14523", "scoring_system": "epss", "scoring_elements": "0.9458", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14523", "scoring_system": "epss", "scoring_elements": "0.94589", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.14523", "scoring_system": "epss", "scoring_elements": "0.9459", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941400", "reference_id": "1941400", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941400" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985936", "reference_id": "985936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985936" }, { "reference_url": "https://security.archlinux.org/AVG-1732", "reference_id": "AVG-1732", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1732" }, { "reference_url": "https://security.archlinux.org/AVG-1734", "reference_id": "AVG-1734", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1734" }, { "reference_url": "https://security.gentoo.org/glsa/202105-22", "reference_id": "GLSA-202105-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-22" }, { "reference_url": "https://usn.ubuntu.com/4888-1/", "reference_id": "USN-4888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4888-1/" }, { "reference_url": "https://usn.ubuntu.com/4888-2/", "reference_id": "USN-4888-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4888-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5332?format=api", "purl": "pkg:deb/debian/ldb@2:1.5.1%2Breally1.4.6-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.5.1%252Breally1.4.6-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5925?format=api", "purl": "pkg:deb/debian/ldb@2:2.2.3-2~deb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:2.2.3-2~deb11u2" } ], "aliases": [ "CVE-2020-27840" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2b4-vjgq-sbdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75218?format=api", "vulnerability_id": "VCID-tyhs-5xjv-c7b5", "summary": "The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20255", "scoring_system": "epss", "scoring_elements": "0.95629", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.20255", "scoring_system": "epss", "scoring_elements": "0.95635", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.20255", "scoring_system": "epss", "scoring_elements": "0.95639", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290287", "reference_id": "1290287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290287" }, { "reference_url": "https://security.gentoo.org/glsa/201612-47", "reference_id": "GLSA-201612-47", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-47" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0009", "reference_id": "RHSA-2016:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0014", "reference_id": "RHSA-2016:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0014" }, { "reference_url": "https://usn.ubuntu.com/2855-1/", "reference_id": "USN-2855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2855-1/" }, { "reference_url": "https://usn.ubuntu.com/2856-1/", "reference_id": "USN-2856-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2856-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5331?format=api", "purl": "pkg:deb/debian/ldb@2:1.1.27-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-vutz-f18f-z7a2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.1.27-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-3223" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75223?format=api", "vulnerability_id": "VCID-usyw-3jt1-xyez", "summary": "MaxQueryDuration not honoured in Samba AD DC LDAP", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03426", "scoring_system": "epss", "scoring_elements": "0.87679", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03426", "scoring_system": "epss", "scoring_elements": "0.877", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03426", "scoring_system": "epss", "scoring_elements": "0.87702", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077533", "reference_id": "2077533", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077533" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5925?format=api", "purl": "pkg:deb/debian/ldb@2:2.2.3-2~deb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:2.2.3-2~deb11u2" } ], "aliases": [ "CVE-2021-3670" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-usyw-3jt1-xyez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75220?format=api", "vulnerability_id": "VCID-vutz-f18f-z7a2", "summary": "A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92063", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92076", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92073", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671845", "reference_id": "1671845", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671845" }, { "reference_url": "https://usn.ubuntu.com/3895-1/", "reference_id": "USN-3895-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3895-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5331?format=api", "purl": "pkg:deb/debian/ldb@2:1.1.27-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-vutz-f18f-z7a2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.1.27-1%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5332?format=api", "purl": "pkg:deb/debian/ldb@2:1.5.1%2Breally1.4.6-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-usyw-3jt1-xyez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@2:1.5.1%252Breally1.4.6-3%252Bdeb10u1" } ], "aliases": [ "CVE-2019-3824" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vutz-f18f-z7a2" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ldb@1:1.1.17-1~bpo70%252B1" }