Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/5394?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "type": "deb", "namespace": "debian", "name": "samba", "version": "2:4.9.5+dfsg-5+deb10u3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2:4.17.12+dfsg-0+deb12u2", "latest_non_vulnerable_version": "2:4.17.12+dfsg-0+deb12u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3643?format=api", "vulnerability_id": "VCID-1yzz-fu2r-rqgy", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97167", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97161", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97165", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97169", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97168", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693", "reference_id": "1004693", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693" }, { "reference_url": "https://kb.cert.org/vuls/id/119678", "reference_id": "119678", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://kb.cert.org/vuls/id/119678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146", "reference_id": "2046146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146" }, { "reference_url": "https://security.archlinux.org/AVG-2648", "reference_id": "AVG-2648", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2648" }, { "reference_url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin", "reference_id": "cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2021-44142.html", "reference_id": "CVE-2021-44142.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2021-44142.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0328", "reference_id": "RHSA-2022:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0329", "reference_id": "RHSA-2022:0329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0330", "reference_id": "RHSA-2022:0330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0331", "reference_id": "RHSA-2022:0331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0332", "reference_id": "RHSA-2022:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0457", "reference_id": "RHSA-2022:0457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0458", "reference_id": "RHSA-2022:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0663", "reference_id": "RHSA-2022:0663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0664", "reference_id": "RHSA-2022:0664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0664" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=14914", "reference_id": "show_bug.cgi?id=14914", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=14914" }, { "reference_url": "https://usn.ubuntu.com/5260-1/", "reference_id": "USN-5260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-1/" }, { "reference_url": "https://usn.ubuntu.com/5260-2/", "reference_id": "USN-5260-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-2/" }, { "reference_url": "https://usn.ubuntu.com/5260-3/", "reference_id": "USN-5260-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-44142" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100708?format=api", "vulnerability_id": "VCID-2f2r-y1tw-pyeq", "summary": "All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with \"log level = 3\" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10242", "scoring_system": "epss", "scoring_elements": "0.93286", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.10242", "scoring_system": "epss", "scoring_elements": "0.93298", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.10242", "scoring_system": "epss", "scoring_elements": "0.93296", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.10242", "scoring_system": "epss", "scoring_elements": "0.93294", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791207", "reference_id": "1791207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791207" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0943", "reference_id": "RHSA-2020:0943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1878", "reference_id": "RHSA-2020:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3981", "reference_id": "RHSA-2020:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3981" }, { "reference_url": "https://usn.ubuntu.com/4244-1/", "reference_id": "USN-4244-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4244-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14907" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2r-y1tw-pyeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95276?format=api", "vulnerability_id": "VCID-5e5h-6dg4-ryd4", "summary": "samba: infinite loop in mdssvc RPC service for spotlight", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1431", "scoring_system": "epss", "scoring_elements": "0.94538", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.1431", "scoring_system": "epss", "scoring_elements": "0.9454", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.1431", "scoring_system": "epss", "scoring_elements": "0.94542", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793", "reference_id": "2222793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793" }, { "reference_url": "https://security.gentoo.org/glsa/202402-28", "reference_id": "GLSA-202402-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6667", "reference_id": "RHSA-2023:6667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7139", "reference_id": "RHSA-2023:7139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0423", "reference_id": "RHSA-2024:0423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0580", "reference_id": "RHSA-2024:0580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4101", "reference_id": "RHSA-2024:4101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4101" }, { "reference_url": "https://usn.ubuntu.com/6238-1/", "reference_id": "USN-6238-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6238-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2023-34966" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e5h-6dg4-ryd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7023?format=api", "vulnerability_id": "VCID-5tub-1spq-b7c7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43839", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43857", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43917", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43892", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43909", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019732", "reference_id": "2019732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019732" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5142", "reference_id": "RHSA-2021:5142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5195", "reference_id": "RHSA-2021:5195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0007", "reference_id": "RHSA-2022:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0076", "reference_id": "RHSA-2022:0076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0076" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25719" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tub-1spq-b7c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100725?format=api", "vulnerability_id": "VCID-76dk-atu1-ebbm", "summary": "All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.5852", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58568", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58555", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58577", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58569", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43566" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691", "reference_id": "1004691", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009676", "reference_id": "2009676", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009676" }, { "reference_url": "https://usn.ubuntu.com/5260-1/", "reference_id": "USN-5260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-43566" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76dk-atu1-ebbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100715?format=api", "vulnerability_id": "VCID-7q6r-9cgn-5kfp", "summary": "A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36232", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36261", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36327", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36336", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36297", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892631", "reference_id": "1892631", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892631" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400", "reference_id": "973400", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2020-14318.html", "reference_id": "CVE-2020-14318.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2020-14318.html" }, { "reference_url": "https://security.gentoo.org/glsa/202012-24", "reference_id": "GLSA-202012-24", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/" } ], "url": "https://security.gentoo.org/glsa/202012-24" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5439", "reference_id": "RHSA-2020:5439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1647", "reference_id": "RHSA-2021:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3723", "reference_id": "RHSA-2021:3723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3723" }, { "reference_url": "https://usn.ubuntu.com/4611-1/", "reference_id": "USN-4611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4611-1/" }, { "reference_url": "https://usn.ubuntu.com/4931-1/", "reference_id": "USN-4931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4931-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-14318" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6r-9cgn-5kfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95290?format=api", "vulnerability_id": "VCID-8yhb-ghew-b3bw", "summary": "samba: spotlight server-side share path disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02345", "scoring_system": "epss", "scoring_elements": "0.85198", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02345", "scoring_system": "epss", "scoring_elements": "0.85203", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02345", "scoring_system": "epss", "scoring_elements": "0.85197", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02345", "scoring_system": "epss", "scoring_elements": "0.85186", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222795", "reference_id": "2222795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222795" }, { "reference_url": "https://security.gentoo.org/glsa/202402-28", "reference_id": "GLSA-202402-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6667", "reference_id": "RHSA-2023:6667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7139", "reference_id": "RHSA-2023:7139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0423", "reference_id": "RHSA-2024:0423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0580", "reference_id": "RHSA-2024:0580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "reference_url": "https://usn.ubuntu.com/6238-1/", "reference_id": "USN-6238-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6238-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2023-34968" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yhb-ghew-b3bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5845?format=api", "vulnerability_id": "VCID-8ztz-2n8a-gqbm", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88301", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88279", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.883", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03789", "scoring_system": "epss", "scoring_elements": "0.88298", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489", "reference_id": "1849489", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849489" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3118", "reference_id": "RHSA-2020:3118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3119", "reference_id": "RHSA-2020:3119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4568", "reference_id": "RHSA-2020:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4568" }, { "reference_url": "https://usn.ubuntu.com/4409-1/", "reference_id": "USN-4409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10730" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100722?format=api", "vulnerability_id": "VCID-95dq-xd5m-judz", "summary": "A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01764", "scoring_system": "epss", "scoring_elements": "0.82989", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01764", "scoring_system": "epss", "scoring_elements": "0.82981", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01764", "scoring_system": "epss", "scoring_elements": "0.82966", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01764", "scoring_system": "epss", "scoring_elements": "0.82993", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20254" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949442", "reference_id": "1949442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949442" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811", "reference_id": "987811", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811" }, { "reference_url": "https://security.archlinux.org/AVG-1893", "reference_id": "AVG-1893", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1893" }, { "reference_url": "https://security.gentoo.org/glsa/202105-22", "reference_id": "GLSA-202105-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2313", "reference_id": "RHSA-2021:2313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2313" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3723", "reference_id": "RHSA-2021:3723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3724", "reference_id": "RHSA-2021:3724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3988", "reference_id": "RHSA-2021:3988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4058", "reference_id": "RHSA-2021:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4866", "reference_id": "RHSA-2021:4866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4866" }, { "reference_url": "https://usn.ubuntu.com/4930-1/", "reference_id": "USN-4930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4930-1/" }, { "reference_url": "https://usn.ubuntu.com/4931-1/", "reference_id": "USN-4931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4931-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-20254" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-95dq-xd5m-judz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4862?format=api", "vulnerability_id": "VCID-9bk5-pgap-1khn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.67034", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.67066", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6705", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.67057", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449", "reference_id": "1016449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108205", "reference_id": "2108205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108205" }, { "reference_url": "https://security.archlinux.org/AVG-2782", "reference_id": "AVG-2782", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2782" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-32744" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bk5-pgap-1khn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4860?format=api", "vulnerability_id": "VCID-aza7-wkqb-m7h1", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58992", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59021", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59045", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59037", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.5904", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449", "reference_id": "1016449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108215", "reference_id": "2108215", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108215" }, { "reference_url": "https://security.archlinux.org/AVG-2782", "reference_id": "AVG-2782", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2782" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7730", "reference_id": "RHSA-2022:7730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8318", "reference_id": "RHSA-2022:8318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8318" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-32746" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aza7-wkqb-m7h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72445?format=api", "vulnerability_id": "VCID-b843-h976-aqhr", "summary": "A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05139", "scoring_system": "epss", "scoring_elements": "0.90036", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05139", "scoring_system": "epss", "scoring_elements": "0.90047", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.05139", "scoring_system": "epss", "scoring_elements": "0.9005", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05139", "scoring_system": "epss", "scoring_elements": "0.90048", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.05139", "scoring_system": "epss", "scoring_elements": "0.90051", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013080", "reference_id": "2013080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013080" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586", "reference_id": "996586", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586" }, { "reference_url": "https://security.archlinux.org/AVG-2418", "reference_id": "AVG-2418", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2418" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" }, { "reference_url": "https://usn.ubuntu.com/5174-1/", "reference_id": "USN-5174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5174-1/" }, { "reference_url": "https://usn.ubuntu.com/5675-1/", "reference_id": "USN-5675-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5675-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-3671" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b843-h976-aqhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100703?format=api", "vulnerability_id": "VCID-bykg-wucu-duay", "summary": "A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01267", "scoring_system": "epss", "scoring_elements": "0.79803", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01267", "scoring_system": "epss", "scoring_elements": "0.79818", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01267", "scoring_system": "epss", "scoring_elements": "0.79834", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01267", "scoring_system": "epss", "scoring_elements": "0.79829", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01267", "scoring_system": "epss", "scoring_elements": "0.79828", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764126", "reference_id": "1764126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764126" }, { "reference_url": "https://security.archlinux.org/ASA-201911-6", "reference_id": "ASA-201911-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201911-6" }, { "reference_url": "https://security.archlinux.org/AVG-1057", "reference_id": "AVG-1057", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1057" }, { "reference_url": "https://usn.ubuntu.com/4167-1/", "reference_id": "USN-4167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14833" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bykg-wucu-duay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100704?format=api", "vulnerability_id": "VCID-d4jx-h2cx-kbf3", "summary": "A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02434", "scoring_system": "epss", "scoring_elements": "0.85437", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02434", "scoring_system": "epss", "scoring_elements": "0.85446", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02434", "scoring_system": "epss", "scoring_elements": "0.85465", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02434", "scoring_system": "epss", "scoring_elements": "0.8546", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02434", "scoring_system": "epss", "scoring_elements": "0.85461", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764142", "reference_id": "1764142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764142" }, { "reference_url": "https://security.archlinux.org/ASA-201911-6", "reference_id": "ASA-201911-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201911-6" }, { "reference_url": "https://security.archlinux.org/AVG-1057", "reference_id": "AVG-1057", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1057" }, { "reference_url": "https://usn.ubuntu.com/4167-1/", "reference_id": "USN-4167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4167-1/" }, { "reference_url": "https://usn.ubuntu.com/4167-2/", "reference_id": "USN-4167-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4167-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14847" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4jx-h2cx-kbf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7018?format=api", "vulnerability_id": "VCID-dzyk-akhc-t7d2", "summary": "silent downgrade", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72408", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72361", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72388", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72374", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00699", "scoring_system": "epss", "scoring_elements": "0.72402", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019660", "reference_id": "2019660", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019660" }, { "reference_url": "https://security.archlinux.org/AVG-2539", "reference_id": "AVG-2539", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2539" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4844", "reference_id": "RHSA-2021:4844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5192", "reference_id": "RHSA-2021:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0074", "reference_id": "RHSA-2022:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0074" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" }, { "reference_url": "https://usn.ubuntu.com/5174-1/", "reference_id": "USN-5174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5174-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2016-2124" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95284?format=api", "vulnerability_id": "VCID-f93g-v8t6-wyf3", "summary": "samba: type confusion in mdssvc RPC service for spotlight", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19204", "scoring_system": "epss", "scoring_elements": "0.95485", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.19204", "scoring_system": "epss", "scoring_elements": "0.95488", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.19204", "scoring_system": "epss", "scoring_elements": "0.9549", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222794", "reference_id": "2222794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222794" }, { "reference_url": "https://security.gentoo.org/glsa/202402-28", "reference_id": "GLSA-202402-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6667", "reference_id": "RHSA-2023:6667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7139", "reference_id": "RHSA-2023:7139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0423", "reference_id": "RHSA-2024:0423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0580", "reference_id": "RHSA-2024:0580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "reference_url": "https://usn.ubuntu.com/6238-1/", "reference_id": "USN-6238-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6238-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2023-34967" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f93g-v8t6-wyf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100700?format=api", "vulnerability_id": "VCID-gg9p-kzw8-23bq", "summary": "A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04508", "scoring_system": "epss", "scoring_elements": "0.89345", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04508", "scoring_system": "epss", "scoring_elements": "0.89344", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04508", "scoring_system": "epss", "scoring_elements": "0.89325", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04508", "scoring_system": "epss", "scoring_elements": "0.89343", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763137", "reference_id": "1763137", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763137" }, { "reference_url": "https://security.archlinux.org/ASA-201911-6", "reference_id": "ASA-201911-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201911-6" }, { "reference_url": "https://security.archlinux.org/AVG-1057", "reference_id": "AVG-1057", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0943", "reference_id": "RHSA-2020:0943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1084", "reference_id": "RHSA-2020:1084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1878", "reference_id": "RHSA-2020:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1878" }, { "reference_url": "https://usn.ubuntu.com/4167-1/", "reference_id": "USN-4167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4167-1/" }, { "reference_url": "https://usn.ubuntu.com/4167-2/", "reference_id": "USN-4167-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4167-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-10218" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9p-kzw8-23bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4861?format=api", "vulnerability_id": "VCID-hkb3-h17f-bbfc", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.6449", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64521", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64543", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64531", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00461", "scoring_system": "epss", "scoring_elements": "0.64534", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449", "reference_id": "1016449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108211", "reference_id": "2108211", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108211" }, { "reference_url": "https://security.archlinux.org/AVG-2782", "reference_id": "AVG-2782", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2782" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-32745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkb3-h17f-bbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100713?format=api", "vulnerability_id": "VCID-ksss-h1p9-mbaz", "summary": "A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86515", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86538", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86533", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86522", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825731", "reference_id": "1825731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825731" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189", "reference_id": "960189", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://usn.ubuntu.com/4341-1/", "reference_id": "USN-4341-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4341-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10700" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksss-h1p9-mbaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7021?format=api", "vulnerability_id": "VCID-kwqt-87ga-1bbn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61724", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61755", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61781", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6177", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61773", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019764", "reference_id": "2019764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019764" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" }, { "reference_url": "https://usn.ubuntu.com/5174-1/", "reference_id": "USN-5174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5174-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25722" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwqt-87ga-1bbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100716?format=api", "vulnerability_id": "VCID-m1qp-m1d3-nbgw", "summary": "A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6239", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6236", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62406", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62414", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62405", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891685", "reference_id": "1891685", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891685" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399", "reference_id": "973399", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2020-14323.html", "reference_id": "CVE-2020-14323.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2020-14323.html" }, { "reference_url": "https://security.gentoo.org/glsa/202012-24", "reference_id": "GLSA-202012-24", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://security.gentoo.org/glsa/202012-24" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/", "reference_id": "JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html", "reference_id": "msg00041.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201103-0001/", "reference_id": "ntap-20201103-0001", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20201103-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5439", "reference_id": "RHSA-2020:5439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1647", "reference_id": "RHSA-2021:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3723", "reference_id": "RHSA-2021:3723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3723" }, { "reference_url": "https://usn.ubuntu.com/4611-1/", "reference_id": "USN-4611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4611-1/" }, { "reference_url": "https://usn.ubuntu.com/4931-1/", "reference_id": "USN-4931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4931-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/", "reference_id": "W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-14323" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qp-m1d3-nbgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5843?format=api", "vulnerability_id": "VCID-m8f3-3jf6-2bdy", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85198", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85211", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85228", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85222", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02353", "scoring_system": "epss", "scoring_elements": "0.85223", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849509", "reference_id": "1849509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849509" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://usn.ubuntu.com/4409-1/", "reference_id": "USN-4409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10760" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f3-3jf6-2bdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5842?format=api", "vulnerability_id": "VCID-mxk6-6rwy-hfa3", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26364", "scoring_system": "epss", "scoring_elements": "0.96421", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.26364", "scoring_system": "epss", "scoring_elements": "0.96413", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.26364", "scoring_system": "epss", "scoring_elements": "0.96422", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.26364", "scoring_system": "epss", "scoring_elements": "0.96418", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851298", "reference_id": "1851298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851298" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://usn.ubuntu.com/4454-1/", "reference_id": "USN-4454-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4454-1/" }, { "reference_url": "https://usn.ubuntu.com/4454-2/", "reference_id": "USN-4454-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4454-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-14303" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxk6-6rwy-hfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3532?format=api", "vulnerability_id": "VCID-np9m-wq3n-j7cq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73025", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.72987", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73002", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73014", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00727", "scoring_system": "epss", "scoring_elements": "0.73031", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/02/08/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/02/08/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187", "reference_id": "1024187", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137774", "reference_id": "2137774", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137774" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-3437", "reference_id": "CVE-2022-3437", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-3437" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-3437.html", "reference_id": "CVE-2022-3437.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-3437.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.gentoo.org/glsa/202310-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0008/", "reference_id": "ntap-20230216-0008", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "reference_url": "https://usn.ubuntu.com/5800-1/", "reference_id": "USN-5800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5800-1/" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-3437" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-np9m-wq3n-j7cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100719?format=api", "vulnerability_id": "VCID-prhs-c1gk-97hj", "summary": "An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.9438", "scoring_system": "epss", "scoring_elements": "0.9997", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879822", "reference_id": "1879822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879822" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/09/17/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2020/09/17/2" }, { "reference_url": "https://usn.ubuntu.com/4510-1/", "reference_id": "4510-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://usn.ubuntu.com/4510-1/" }, { "reference_url": "https://usn.ubuntu.com/4510-2/", "reference_id": "4510-2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://usn.ubuntu.com/4510-2/" }, { "reference_url": "https://usn.ubuntu.com/4559-1/", "reference_id": "4559-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://usn.ubuntu.com/4559-1/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/490028", "reference_id": "490028", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://www.kb.cert.org/vuls/id/490028" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048", "reference_id": "971048", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048" }, { "reference_url": "https://security.archlinux.org/ASA-202009-17", "reference_id": "ASA-202009-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202009-17" }, { "reference_url": "https://security.archlinux.org/AVG-1236", "reference_id": "AVG-1236", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1236" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py", "reference_id": "CVE-2020-1472", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py" }, { "reference_url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472", "reference_id": "CVE-2020-1472", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472" }, { "reference_url": "https://security.gentoo.org/glsa/202012-24", "reference_id": "GLSA-202012-24", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://security.gentoo.org/glsa/202012-24" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/", "reference_id": "H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html", "reference_id": "msg00041.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html", "reference_id": "msg00080.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html", "reference_id": "msg00086.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5439", "reference_id": "RHSA-2020:5439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1647", "reference_id": "RHSA-2021:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3723", "reference_id": "RHSA-2021:3723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3723" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/", "reference_id": "ST6X3A2XXYMGD4INR26DQ4FP4QSM753B", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_20_21", "reference_id": "Synology_SA_20_21", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_20_21" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/", "reference_id": "TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/" }, { "reference_url": "http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html", "reference_id": "Zerologon-Netlogon-Privilege-Escalation.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html", "reference_id": "Zerologon-Proof-Of-Concept.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/" } ], "url": "http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-1472" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-prhs-c1gk-97hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73522?format=api", "vulnerability_id": "VCID-pzrp-6xtn-37db", "summary": "samba: vfs_streams_xattr uninitialized memory write possible", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24436", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24559", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24549", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24494", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391698", "reference_id": "2391698", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391698" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-9640", "reference_id": "CVE-2025-9640", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-9640" }, { "reference_url": "https://www.samba.org/samba/history/security.html", "reference_id": "security.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/" } ], "url": "https://www.samba.org/samba/history/security.html" }, { "reference_url": "https://usn.ubuntu.com/7826-1/", "reference_id": "USN-7826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7826-1/" }, { "reference_url": "https://usn.ubuntu.com/7826-2/", "reference_id": "USN-7826-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7826-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195389?format=api", "purl": "pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u2" } ], "aliases": [ "CVE-2025-9640" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzrp-6xtn-37db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4863?format=api", "vulnerability_id": "VCID-q5hu-u9th-33e7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69143", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.691", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.6915", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.6914", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69127", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449", "reference_id": "1016449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108196", "reference_id": "2108196", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108196" }, { "reference_url": "https://security.archlinux.org/AVG-2782", "reference_id": "AVG-2782", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2782" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-32742.html", "reference_id": "CVE-2022-32742.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-32742.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7056", "reference_id": "RHSA-2022:7056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7111", "reference_id": "RHSA-2022:7111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8317", "reference_id": "RHSA-2022:8317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8317" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-32742" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5hu-u9th-33e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5844?format=api", "vulnerability_id": "VCID-qn5w-t24w-xye5", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.95539", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.95553", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.9555", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.95552", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.19658", "scoring_system": "epss", "scoring_elements": "0.95547", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849491", "reference_id": "1849491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849491" }, { "reference_url": "https://security.archlinux.org/AVG-1202", "reference_id": "AVG-1202", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1202" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://usn.ubuntu.com/4409-1/", "reference_id": "USN-4409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10745" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qn5w-t24w-xye5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7020?format=api", "vulnerability_id": "VCID-qsns-qxxn-1ygq", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28206", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28143", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28228", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28186", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28278", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019666", "reference_id": "2019666", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019666" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-23192" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qsns-qxxn-1ygq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92315?format=api", "vulnerability_id": "VCID-qtcs-hz4a-97fy", "summary": "samba: SMB clients can truncate files with read-only permissions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6349", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63476", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63488", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63497", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4091" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241882", "reference_id": "2241882", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241882" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage", "reference_id": "cpe:/a:redhat:enterprise_linux:9::resilientstorage", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::resilientstorage", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::resilientstorage", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::resilientstorage" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::resilientstorage", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::resilientstorage", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::resilientstorage" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3", "reference_id": "cpe:/a:redhat:storage:3", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_id": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-4091", "reference_id": "CVE-2023-4091", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-4091" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2023-4091.html", "reference_id": "CVE-2023-4091.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2023-4091.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-28", "reference_id": "GLSA-202402-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6209", "reference_id": "RHSA-2023:6209", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:6209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6744", "reference_id": "RHSA-2023:6744", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:6744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7371", "reference_id": "RHSA-2023:7371", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7408", "reference_id": "RHSA-2023:7408", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7464", "reference_id": "RHSA-2023:7464", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7467", "reference_id": "RHSA-2023:7467", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7467" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=15439", "reference_id": "show_bug.cgi?id=15439", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=15439" }, { "reference_url": "https://usn.ubuntu.com/6425-1/", "reference_id": "USN-6425-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6425-1/" }, { "reference_url": "https://usn.ubuntu.com/6425-3/", "reference_id": "USN-6425-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6425-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2023-4091" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcs-hz4a-97fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72444?format=api", "vulnerability_id": "VCID-r3n1-q8uv-cfbb", "summary": "All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04669", "scoring_system": "epss", "scoring_elements": "0.89506", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04669", "scoring_system": "epss", "scoring_elements": "0.89525", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04669", "scoring_system": "epss", "scoring_elements": "0.89524", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04669", "scoring_system": "epss", "scoring_elements": "0.89523", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778589", "reference_id": "1778589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778589" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786", "reference_id": "946786", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14870" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r3n1-q8uv-cfbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=api", "vulnerability_id": "VCID-r7zv-4yyc-mqeu", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67053", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67069", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67102", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67087", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67094", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672", "reference_id": "2019672", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4844", "reference_id": "RHSA-2021:4844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5192", "reference_id": "RHSA-2021:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0074", "reference_id": "RHSA-2022:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0133", "reference_id": "RHSA-2022:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0443", "reference_id": "RHSA-2022:0443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0443" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" }, { "reference_url": "https://usn.ubuntu.com/5174-1/", "reference_id": "USN-5174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5174-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25717" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7019?format=api", "vulnerability_id": "VCID-rmda-jcc9-2bam", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61092", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61118", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61148", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61136", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.61141", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021726", "reference_id": "2021726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021726" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-3738" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmda-jcc9-2bam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100710?format=api", "vulnerability_id": "VCID-rsz9-y661-qfce", "summary": "There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84704", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84728", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84714", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84732", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84726", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791204", "reference_id": "1791204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791204" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499", "reference_id": "950499", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/4244-1/", "reference_id": "USN-4244-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4244-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-19344" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100699?format=api", "vulnerability_id": "VCID-ss54-ft8h-rufv", "summary": "A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.89662", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.89679", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.8968", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746225", "reference_id": "1746225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746225" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3253", "reference_id": "RHSA-2019:3253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4023", "reference_id": "RHSA-2019:4023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1084", "reference_id": "RHSA-2020:1084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1878", "reference_id": "RHSA-2020:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1878" }, { "reference_url": "https://usn.ubuntu.com/4121-1/", "reference_id": "USN-4121-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4121-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-10197" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss54-ft8h-rufv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7022?format=api", "vulnerability_id": "VCID-ssh4-ukvg-5fej", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58908", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58936", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.5896", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58952", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58954", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728", "reference_id": "2021728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25721" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssh4-ukvg-5fej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100718?format=api", "vulnerability_id": "VCID-t35b-ur7m-vqeu", "summary": "A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64688", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64716", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64729", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64738", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00465", "scoring_system": "epss", "scoring_elements": "0.64727", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892636", "reference_id": "1892636", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398", "reference_id": "973398", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2020-14383.html", "reference_id": "CVE-2020-14383.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2020-14383.html" }, { "reference_url": "https://security.gentoo.org/glsa/202012-24", "reference_id": "GLSA-202012-24", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/" } ], "url": "https://security.gentoo.org/glsa/202012-24" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://usn.ubuntu.com/4611-1/", "reference_id": "USN-4611-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4611-1/" }, { "reference_url": "https://usn.ubuntu.com/4931-1/", "reference_id": "USN-4931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4931-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-14383" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t35b-ur7m-vqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100706?format=api", "vulnerability_id": "VCID-u4fr-s35u-8khu", "summary": "There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03503", "scoring_system": "epss", "scoring_elements": "0.87826", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03503", "scoring_system": "epss", "scoring_elements": "0.87848", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03503", "scoring_system": "epss", "scoring_elements": "0.8785", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03503", "scoring_system": "epss", "scoring_elements": "0.87852", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791201", "reference_id": "1791201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791201" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/4244-1/", "reference_id": "USN-4244-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4244-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14902" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7024?format=api", "vulnerability_id": "VCID-uwmy-xe5s-yubn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41646", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41665", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41728", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41698", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41721", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019726", "reference_id": "2019726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019726" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25718" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwmy-xe5s-yubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95264?format=api", "vulnerability_id": "VCID-uyuw-v56z-93ez", "summary": "samba: out-of-bounds read in winbind AUTH_CRAP", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.795", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79467", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79493", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79494", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01225", "scoring_system": "epss", "scoring_elements": "0.79483", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222791", "reference_id": "2222791", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222791" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage", "reference_id": "cpe:/a:redhat:enterprise_linux:9::resilientstorage", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3", "reference_id": "cpe:/a:redhat:storage:3", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_id": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-2127", "reference_id": "CVE-2022-2127", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-2127" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-2127.html", "reference_id": "CVE-2022-2127.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-2127.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-28", "reference_id": "GLSA-202402-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6667", "reference_id": "RHSA-2023:6667", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7139", "reference_id": "RHSA-2023:7139", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0423", "reference_id": "RHSA-2024:0423", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0580", "reference_id": "RHSA-2024:0580", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "reference_url": "https://usn.ubuntu.com/6238-1/", "reference_id": "USN-6238-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6238-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-2127" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uyuw-v56z-93ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4864?format=api", "vulnerability_id": "VCID-vrxh-bq3q-xudq", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57804", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57842", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57866", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57855", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57857", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449", "reference_id": "1016449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094789", "reference_id": "2094789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094789" }, { "reference_url": "https://security.archlinux.org/AVG-2782", "reference_id": "AVG-2782", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2782" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5542-1/", "reference_id": "USN-5542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-2031" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrxh-bq3q-xudq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100714?format=api", "vulnerability_id": "VCID-wc26-trz1-u7fv", "summary": "A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14522", "scoring_system": "epss", "scoring_elements": "0.94579", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14522", "scoring_system": "epss", "scoring_elements": "0.94588", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.14522", "scoring_system": "epss", "scoring_elements": "0.94591", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.14522", "scoring_system": "epss", "scoring_elements": "0.94589", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.14522", "scoring_system": "epss", "scoring_elements": "0.9459", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825734", "reference_id": "1825734", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825734" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188", "reference_id": "960188", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188" }, { "reference_url": "https://security.gentoo.org/glsa/202007-15", "reference_id": "GLSA-202007-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202007-15" }, { "reference_url": "https://usn.ubuntu.com/4341-1/", "reference_id": "USN-4341-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4341-1/" }, { "reference_url": "https://usn.ubuntu.com/4341-2/", "reference_id": "USN-4341-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4341-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-10704" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wc26-trz1-u7fv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3642?format=api", "vulnerability_id": "VCID-y3rv-fdkr-qyd2", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0336", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59871", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59895", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59923", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59913", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.5992", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0336" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694", "reference_id": "1004694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046134", "reference_id": "2046134", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046134" }, { "reference_url": "https://security.archlinux.org/AVG-2648", "reference_id": "AVG-2648", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2648" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5260-1/", "reference_id": "USN-5260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2022-0336" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3rv-fdkr-qyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100705?format=api", "vulnerability_id": "VCID-ytdy-akzb-a7e1", "summary": "All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04997", "scoring_system": "epss", "scoring_elements": "0.89895", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04997", "scoring_system": "epss", "scoring_elements": "0.89881", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04997", "scoring_system": "epss", "scoring_elements": "0.89897", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04997", "scoring_system": "epss", "scoring_elements": "0.89898", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778586", "reference_id": "1778586", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1778586" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/24/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/24/3" }, { "reference_url": "https://usn.ubuntu.com/4217-1/", "reference_id": "4217-1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://usn.ubuntu.com/4217-1/" }, { "reference_url": "https://usn.ubuntu.com/4217-2/", "reference_id": "4217-2", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://usn.ubuntu.com/4217-2/" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2019-14861.html", "reference_id": "CVE-2019-14861.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2019-14861.html" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html", "reference_id": "msg00038.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191210-0002/", "reference_id": "ntap-20191210-0002", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191210-0002/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJH3ROOFYMOATD2UEPC47P5RPBDTY77E/", "reference_id": "PJH3ROOFYMOATD2UEPC47P5RPBDTY77E", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJH3ROOFYMOATD2UEPC47P5RPBDTY77E/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861", "reference_id": "show_bug.cgi?id=CVE-2019-14861", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_40", "reference_id": "Synology_SA_19_40", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_40" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/", "reference_id": "WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-14861" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ytdy-akzb-a7e1" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100694?format=api", "vulnerability_id": "VCID-1drk-e3vx-wbe8", "summary": "A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.82164", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.82193", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.8219", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.82195", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0162", "scoring_system": "epss", "scoring_elements": "0.82196", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589651", "reference_id": "1589651", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589651" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2612", "reference_id": "RHSA-2018:2612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2613", "reference_id": "RHSA-2018:2613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3056", "reference_id": "RHSA-2018:3056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3056" }, { "reference_url": "https://usn.ubuntu.com/3738-1/", "reference_id": "USN-3738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3738-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1139" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-e3vx-wbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3643?format=api", "vulnerability_id": "VCID-1yzz-fu2r-rqgy", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97167", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97161", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97165", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97169", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.35695", "scoring_system": "epss", "scoring_elements": "0.97168", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693", "reference_id": "1004693", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693" }, { "reference_url": "https://kb.cert.org/vuls/id/119678", "reference_id": "119678", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://kb.cert.org/vuls/id/119678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146", "reference_id": "2046146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046146" }, { "reference_url": "https://security.archlinux.org/AVG-2648", "reference_id": "AVG-2648", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2648" }, { "reference_url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin", "reference_id": "cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2021-44142.html", "reference_id": "CVE-2021-44142.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2021-44142.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0328", "reference_id": "RHSA-2022:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0329", "reference_id": "RHSA-2022:0329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0330", "reference_id": "RHSA-2022:0330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0331", "reference_id": "RHSA-2022:0331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0332", "reference_id": "RHSA-2022:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0457", "reference_id": "RHSA-2022:0457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0458", "reference_id": "RHSA-2022:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0663", "reference_id": "RHSA-2022:0663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0664", "reference_id": "RHSA-2022:0664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0664" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=14914", "reference_id": "show_bug.cgi?id=14914", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=14914" }, { "reference_url": "https://usn.ubuntu.com/5260-1/", "reference_id": "USN-5260-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-1/" }, { "reference_url": "https://usn.ubuntu.com/5260-2/", "reference_id": "USN-5260-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-2/" }, { "reference_url": "https://usn.ubuntu.com/5260-3/", "reference_id": "USN-5260-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5260-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2021-44142" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6202?format=api", "vulnerability_id": "VCID-26vq-jj49-byez", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92965", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92966", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92972", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92968", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.09452", "scoring_system": "epss", "scoring_elements": "0.92975", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642545", "reference_id": "1642545", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642545" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3827-1/", "reference_id": "USN-3827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-1/" }, { "reference_url": "https://usn.ubuntu.com/3827-2/", "reference_id": "USN-3827-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16841" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-26vq-jj49-byez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6201?format=api", "vulnerability_id": "VCID-35qh-y7xf-nkdn", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.92732", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.92733", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.9274", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.92735", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08925", "scoring_system": "epss", "scoring_elements": "0.92744", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646377", "reference_id": "1646377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646377" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3827-1/", "reference_id": "USN-3827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-1/" }, { "reference_url": "https://usn.ubuntu.com/3827-2/", "reference_id": "USN-3827-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16851" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35qh-y7xf-nkdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4311?format=api", "vulnerability_id": "VCID-3ddh-cm8f-nuf2", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.95539", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.95553", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.9555", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.95552", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.19654", "scoring_system": "epss", "scoring_elements": "0.95547", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538771", "reference_id": "1538771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538771" }, { "reference_url": "https://security.archlinux.org/ASA-201803-10", "reference_id": "ASA-201803-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-10" }, { "reference_url": "https://security.archlinux.org/AVG-651", "reference_id": "AVG-651", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-651" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1860", "reference_id": "RHSA-2018:1860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1883", "reference_id": "RHSA-2018:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2612", "reference_id": "RHSA-2018:2612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2613", "reference_id": "RHSA-2018:2613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3056", "reference_id": "RHSA-2018:3056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3056" }, { "reference_url": "https://usn.ubuntu.com/3595-1/", "reference_id": "USN-3595-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3595-1/" }, { "reference_url": "https://usn.ubuntu.com/3595-2/", "reference_id": "USN-3595-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3595-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1050" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100678?format=api", "vulnerability_id": "VCID-44hn-cr8c-akft", "summary": "It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce \"SMB signing\" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.221", "scoring_system": "epss", "scoring_elements": "0.95905", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.221", "scoring_system": "epss", "scoring_elements": "0.95897", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.221", "scoring_system": "epss", "scoring_elements": "0.95901", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.221", "scoring_system": "epss", "scoring_elements": "0.95904", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:H/Au:N/C:C/I:C/A:N" }, { "value": "8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488400", "reference_id": "1488400", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2789", "reference_id": "RHSA-2017:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2790", "reference_id": "RHSA-2017:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2791", "reference_id": "RHSA-2017:2791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2858", "reference_id": "RHSA-2017:2858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2858" }, { "reference_url": "https://usn.ubuntu.com/3426-1/", "reference_id": "USN-3426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3426-1/" }, { "reference_url": "https://usn.ubuntu.com/3426-2/", "reference_id": "USN-3426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-12150" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44hn-cr8c-akft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72439?format=api", "vulnerability_id": "VCID-53zv-2nms-e3da", "summary": "Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05637", "scoring_system": "epss", "scoring_elements": "0.9051", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05637", "scoring_system": "epss", "scoring_elements": "0.90524", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.05637", "scoring_system": "epss", "scoring_elements": "0.90525", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05637", "scoring_system": "epss", "scoring_elements": "0.90523", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.05637", "scoring_system": "epss", "scoring_elements": "0.90522", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11103" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469976", "reference_id": "1469976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469976" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208", "reference_id": "868208", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209", "reference_id": "868209", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209" }, { "reference_url": "https://usn.ubuntu.com/3353-1/", "reference_id": "USN-3353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3353-1/" }, { "reference_url": "https://usn.ubuntu.com/3353-2/", "reference_id": "USN-3353-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3353-2/" }, { "reference_url": "https://usn.ubuntu.com/3353-3/", "reference_id": "USN-3353-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3353-3/" }, { "reference_url": "https://usn.ubuntu.com/3353-4/", "reference_id": "USN-3353-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3353-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-11103" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53zv-2nms-e3da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100692?format=api", "vulnerability_id": "VCID-5uh7-w6s9-47gr", "summary": "The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01373", "scoring_system": "epss", "scoring_elements": "0.80567", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01373", "scoring_system": "epss", "scoring_elements": "0.80594", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01373", "scoring_system": "epss", "scoring_elements": "0.80596", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01373", "scoring_system": "epss", "scoring_elements": "0.80592", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01373", "scoring_system": "epss", "scoring_elements": "0.80588", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610645", "reference_id": "1610645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610645" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3738-1/", "reference_id": "USN-3738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3738-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-10919" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5uh7-w6s9-47gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6390?format=api", "vulnerability_id": "VCID-688u-s2a3-8fha", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97578", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97572", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97577", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97579", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.4327", "scoring_system": "epss", "scoring_elements": "0.97576", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512465", "reference_id": "1512465", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512465" }, { "reference_url": "https://security.archlinux.org/ASA-201712-1", "reference_id": "ASA-201712-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-1" }, { "reference_url": "https://security.archlinux.org/AVG-535", "reference_id": "AVG-535", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-535" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3260", "reference_id": "RHSA-2017:3260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3261", "reference_id": "RHSA-2017:3261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3278", "reference_id": "RHSA-2017:3278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3278" }, { "reference_url": "https://usn.ubuntu.com/3486-1/", "reference_id": "USN-3486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3486-1/" }, { "reference_url": "https://usn.ubuntu.com/3486-2/", "reference_id": "USN-3486-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3486-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15275" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6199?format=api", "vulnerability_id": "VCID-92g2-se8k-ybh5", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04908", "scoring_system": "epss", "scoring_elements": "0.89783", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04908", "scoring_system": "epss", "scoring_elements": "0.89799", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04908", "scoring_system": "epss", "scoring_elements": "0.89801", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647246", "reference_id": "1647246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647246" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16853" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92g2-se8k-ybh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100712?format=api", "vulnerability_id": "VCID-ddag-h7en-efed", "summary": "A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03388", "scoring_system": "epss", "scoring_elements": "0.87614", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03388", "scoring_system": "epss", "scoring_elements": "0.87635", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03388", "scoring_system": "epss", "scoring_elements": "0.87636", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03388", "scoring_system": "epss", "scoring_elements": "0.87634", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691518", "reference_id": "1691518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1966", "reference_id": "RHSA-2019:1966", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1966" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1967", "reference_id": "RHSA-2019:1967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2099", "reference_id": "RHSA-2019:2099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3582", "reference_id": "RHSA-2019:3582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3582" }, { "reference_url": "https://usn.ubuntu.com/3939-1/", "reference_id": "USN-3939-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3939-1/" }, { "reference_url": "https://usn.ubuntu.com/3939-2/", "reference_id": "USN-3939-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3939-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2019-3880" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddag-h7en-efed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6203?format=api", "vulnerability_id": "VCID-dtxj-7cam-x3g9", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.92753", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.92754", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.9276", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.92756", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08971", "scoring_system": "epss", "scoring_elements": "0.92765", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625449", "reference_id": "1625449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625449" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3827-1/", "reference_id": "USN-3827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-1/" }, { "reference_url": "https://usn.ubuntu.com/3827-2/", "reference_id": "USN-3827-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3827-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-14629" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtxj-7cam-x3g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100679?format=api", "vulnerability_id": "VCID-e45f-ty2v-g7g8", "summary": "A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88867", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88852", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88869", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05265", "scoring_system": "epss", "scoring_elements": "0.90173", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:N/C:C/I:C/A:N" }, { "value": "8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488197", "reference_id": "1488197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2790", "reference_id": "RHSA-2017:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2858", "reference_id": "RHSA-2017:2858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2858" }, { "reference_url": "https://usn.ubuntu.com/3426-1/", "reference_id": "USN-3426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3426-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-12151" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e45f-ty2v-g7g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100688?format=api", "vulnerability_id": "VCID-jeut-pn1j-gfg6", "summary": "A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10858", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0594", "scoring_system": "epss", "scoring_elements": "0.90803", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0594", "scoring_system": "epss", "scoring_elements": "0.90817", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0594", "scoring_system": "epss", "scoring_elements": "0.90815", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0594", "scoring_system": "epss", "scoring_elements": "0.90813", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1612805", "reference_id": "1612805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1612805" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2612", "reference_id": "RHSA-2018:2612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2613", "reference_id": "RHSA-2018:2613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3056", "reference_id": "RHSA-2018:3056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3470", "reference_id": "RHSA-2018:3470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3470" }, { "reference_url": "https://usn.ubuntu.com/3738-1/", "reference_id": "USN-3738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3738-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-10858" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeut-pn1j-gfg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6391?format=api", "vulnerability_id": "VCID-jmm9-r3u7-zufe", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31253", "scoring_system": "epss", "scoring_elements": "0.96867", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.31253", "scoring_system": "epss", "scoring_elements": "0.96859", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.31253", "scoring_system": "epss", "scoring_elements": "0.96868", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.31253", "scoring_system": "epss", "scoring_elements": "0.96863", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511899", "reference_id": "1511899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511899" }, { "reference_url": "https://security.archlinux.org/ASA-201712-1", "reference_id": "ASA-201712-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-1" }, { "reference_url": "https://security.archlinux.org/AVG-535", "reference_id": "AVG-535", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-535" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3260", "reference_id": "RHSA-2017:3260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3261", "reference_id": "RHSA-2017:3261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3278", "reference_id": "RHSA-2017:3278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3278" }, { "reference_url": "https://usn.ubuntu.com/3486-1/", "reference_id": "USN-3486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3486-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14746" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4310?format=api", "vulnerability_id": "VCID-jnby-fw2x-xyf4", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92075", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92088", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92084", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92085", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.07722", "scoring_system": "epss", "scoring_elements": "0.92083", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553", "reference_id": "1553553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553553" }, { "reference_url": "https://security.archlinux.org/ASA-201803-10", "reference_id": "ASA-201803-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-10" }, { "reference_url": "https://security.archlinux.org/AVG-651", "reference_id": "AVG-651", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-651" }, { "reference_url": "https://security.gentoo.org/glsa/201805-07", "reference_id": "GLSA-201805-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-07" }, { "reference_url": "https://usn.ubuntu.com/3595-1/", "reference_id": "USN-3595-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3595-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1057" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jnby-fw2x-xyf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100701?format=api", "vulnerability_id": "VCID-mktu-yt4c-tkfq", "summary": "Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03816", "scoring_system": "epss", "scoring_elements": "0.88321", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03816", "scoring_system": "epss", "scoring_elements": "0.88339", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03816", "scoring_system": "epss", "scoring_elements": "0.88341", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03816", "scoring_system": "epss", "scoring_elements": "0.8834", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711816", "reference_id": "1711816", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711816" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748", "reference_id": "930748", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748" }, { "reference_url": "https://usn.ubuntu.com/4018-1/", "reference_id": "USN-4018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2019-12435" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mktu-yt4c-tkfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100681?format=api", "vulnerability_id": "VCID-nazc-kauc-rqb6", "summary": "An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41375", "scoring_system": "epss", "scoring_elements": "0.97477", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.41375", "scoring_system": "epss", "scoring_elements": "0.97483", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.41375", "scoring_system": "epss", "scoring_elements": "0.97484", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12163" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491206", "reference_id": "1491206", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2789", "reference_id": "RHSA-2017:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2790", "reference_id": "RHSA-2017:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2791", "reference_id": "RHSA-2017:2791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2858", "reference_id": "RHSA-2017:2858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2858" }, { "reference_url": "https://usn.ubuntu.com/3426-1/", "reference_id": "USN-3426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3426-1/" }, { "reference_url": "https://usn.ubuntu.com/3426-2/", "reference_id": "USN-3426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4435?format=api", "purl": "pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-6pd7-pxth-3faj" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8tyg-f73c-zuh3" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-94d3-5rgf-x3dh" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-apjj-ezss-a3hj" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-b9y4-s6nz-kkby" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-eaxm-5jgj-eqcg" }, { "vulnerability": "VCID-egeg-4ds7-d3d1" }, { "vulnerability": "VCID-enbr-g8ae-ubbc" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hbe8-zptv-f7dr" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m364-w7f6-aug7" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-n6xc-pvqq-9bgs" }, { "vulnerability": "VCID-n9bw-bctz-pqfx" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-p4mk-1t9q-sbb3" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vedj-x1yz-3uec" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vtne-we7s-tuet" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-xvjy-amhr-z3d8" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-yt92-mfwy-z7er" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2017-12163" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nazc-kauc-rqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100711?format=api", "vulnerability_id": "VCID-nhvj-h5wu-xfgy", "summary": "A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6834", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68383", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.6839", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0055", "scoring_system": "epss", "scoring_elements": "0.68368", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689010", "reference_id": "1689010", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689010" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2019-3870" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhvj-h5wu-xfgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6198?format=api", "vulnerability_id": "VCID-njb3-9hmh-s3cg", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84863", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84875", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84891", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84885", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0224", "scoring_system": "epss", "scoring_elements": "0.84886", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649278", "reference_id": "1649278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649278" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njb3-9hmh-s3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=api", "vulnerability_id": "VCID-r7zv-4yyc-mqeu", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67053", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67069", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67102", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67087", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.67094", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672", "reference_id": "2019672", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672" }, { "reference_url": "https://security.archlinux.org/AVG-2538", "reference_id": "AVG-2538", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2538" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4843", "reference_id": "RHSA-2021:4843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4844", "reference_id": "RHSA-2021:4844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5082", "reference_id": "RHSA-2021:5082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5192", "reference_id": "RHSA-2021:5192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0008", "reference_id": "RHSA-2022:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0074", "reference_id": "RHSA-2022:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0133", "reference_id": "RHSA-2022:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0443", "reference_id": "RHSA-2022:0443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0443" }, { "reference_url": "https://usn.ubuntu.com/5142-1/", "reference_id": "USN-5142-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5142-1/" }, { "reference_url": "https://usn.ubuntu.com/5174-1/", "reference_id": "USN-5174-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5174-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2020-25717" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6200?format=api", "vulnerability_id": "VCID-sg5x-7v6b-ffgk", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02897", "scoring_system": "epss", "scoring_elements": "0.8661", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02897", "scoring_system": "epss", "scoring_elements": "0.86592", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02897", "scoring_system": "epss", "scoring_elements": "0.866", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02897", "scoring_system": "epss", "scoring_elements": "0.86615", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646386", "reference_id": "1646386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646386" }, { "reference_url": "https://security.archlinux.org/ASA-201811-22", "reference_id": "ASA-201811-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-22" }, { "reference_url": "https://security.archlinux.org/AVG-823", "reference_id": "AVG-823", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-823" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16852" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sg5x-7v6b-ffgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100699?format=api", "vulnerability_id": "VCID-ss54-ft8h-rufv", "summary": "A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.89662", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.89679", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0479", "scoring_system": "epss", "scoring_elements": "0.8968", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746225", "reference_id": "1746225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746225" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3253", "reference_id": "RHSA-2019:3253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4023", "reference_id": "RHSA-2019:4023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1084", "reference_id": "RHSA-2020:1084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1878", "reference_id": "RHSA-2020:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1878" }, { "reference_url": "https://usn.ubuntu.com/4121-1/", "reference_id": "USN-4121-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4121-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/5636?format=api", "purl": "pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5tc4-e6tj-3qfa" }, { "vulnerability": "VCID-7n9k-74nf-ayah" }, { "vulnerability": "VCID-7rsk-suge-a7b4" }, { "vulnerability": "VCID-8jp7-e281-tqha" }, { "vulnerability": "VCID-8yq8-wp1b-p7gt" }, { "vulnerability": "VCID-9cv8-xnmm-cyh8" }, { "vulnerability": "VCID-9kyr-nxjs-xkaw" }, { "vulnerability": "VCID-afjh-h9hy-u7dz" }, { "vulnerability": "VCID-atg1-qx5q-hfdu" }, { "vulnerability": "VCID-bkse-muh9-t7a8" }, { "vulnerability": "VCID-e2b4-vjgq-sbdq" }, { "vulnerability": "VCID-fb3p-pr3k-wbhj" }, { "vulnerability": "VCID-fj5p-xkmp-vken" }, { "vulnerability": "VCID-gec9-c1be-dkba" }, { "vulnerability": "VCID-gx57-3mtp-hqdh" }, { "vulnerability": "VCID-hxfw-6htj-wkhg" }, { "vulnerability": "VCID-j1a6-7vhx-sbh7" }, { "vulnerability": "VCID-j358-djx5-8qdw" }, { "vulnerability": "VCID-mnnu-hrtz-uyeg" }, { "vulnerability": "VCID-mtrk-m8jm-gyfg" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-t156-69p4-s7gu" }, { "vulnerability": "VCID-usyw-3jt1-xyez" }, { "vulnerability": "VCID-wc2t-bbf1-mua5" }, { "vulnerability": "VCID-x9ky-gfg3-hfen" }, { "vulnerability": "VCID-xmpf-4zxw-dybe" }, { "vulnerability": "VCID-xt8n-4rnc-b7fs" }, { "vulnerability": "VCID-zx6s-p6p1-z7ft" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6" } ], "aliases": [ "CVE-2019-10197" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss54-ft8h-rufv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100690?format=api", "vulnerability_id": "VCID-tbhp-xkw4-hucg", "summary": "A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04739", "scoring_system": "epss", "scoring_elements": "0.89599", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04739", "scoring_system": "epss", "scoring_elements": "0.89616", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04739", "scoring_system": "epss", "scoring_elements": "0.89614", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610640", "reference_id": "1610640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610640" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3738-1/", "reference_id": "USN-3738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3738-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-10918" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbhp-xkw4-hucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75220?format=api", "vulnerability_id": "VCID-vutz-f18f-z7a2", "summary": "A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92063", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92076", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92073", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.07704", "scoring_system": "epss", "scoring_elements": "0.92072", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671845", "reference_id": "1671845", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671845" }, { "reference_url": "https://usn.ubuntu.com/3895-1/", "reference_id": "USN-3895-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3895-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2019-3824" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vutz-f18f-z7a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72442?format=api", "vulnerability_id": "VCID-yxjb-u3xu-9kcc", "summary": "A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16860.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16860.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01169", "scoring_system": "epss", "scoring_elements": "0.78998", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01169", "scoring_system": "epss", "scoring_elements": "0.79025", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01169", "scoring_system": "epss", "scoring_elements": "0.79009", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01169", "scoring_system": "epss", "scoring_elements": "0.79031", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01169", "scoring_system": "epss", "scoring_elements": "0.79022", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705877", "reference_id": "1705877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705877" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928966", "reference_id": "928966", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928966" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" }, { "reference_url": "https://usn.ubuntu.com/3976-1/", "reference_id": "USN-3976-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3976-1/" }, { "reference_url": "https://usn.ubuntu.com/3976-2/", "reference_id": "USN-3976-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3976-2/" }, { "reference_url": "https://usn.ubuntu.com/5675-1/", "reference_id": "USN-5675-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5675-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5042?format=api", "purl": "pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1drk-e3vx-wbe8" }, { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-26vq-jj49-byez" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-35qh-y7xf-nkdn" }, { "vulnerability": "VCID-3ddh-cm8f-nuf2" }, { "vulnerability": "VCID-44hn-cr8c-akft" }, { "vulnerability": "VCID-53zv-2nms-e3da" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-5uh7-w6s9-47gr" }, { "vulnerability": "VCID-688u-s2a3-8fha" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-92g2-se8k-ybh5" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-ddag-h7en-efed" }, { "vulnerability": "VCID-dtxj-7cam-x3g9" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-e45f-ty2v-g7g8" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-jeut-pn1j-gfg6" }, { "vulnerability": "VCID-jmm9-r3u7-zufe" }, { "vulnerability": "VCID-jnby-fw2x-xyf4" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mktu-yt4c-tkfq" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-nazc-kauc-rqb6" }, { "vulnerability": "VCID-nhvj-h5wu-xfgy" }, { "vulnerability": "VCID-njb3-9hmh-s3cg" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-sg5x-7v6b-ffgk" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-tbhp-xkw4-hucg" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-vutz-f18f-z7a2" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" }, { "vulnerability": "VCID-yxjb-u3xu-9kcc" }, { "vulnerability": "VCID-zcfp-hhne-tuf2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-16860" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxjb-u3xu-9kcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100695?format=api", "vulnerability_id": "VCID-zcfp-hhne-tuf2", "summary": "A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14432", "scoring_system": "epss", "scoring_elements": "0.94554", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14432", "scoring_system": "epss", "scoring_elements": "0.94563", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.14432", "scoring_system": "epss", "scoring_elements": "0.94564", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.14432", "scoring_system": "epss", "scoring_elements": "0.94566", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580230", "reference_id": "1580230", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580230" }, { "reference_url": "https://security.gentoo.org/glsa/202003-52", "reference_id": "GLSA-202003-52", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-52" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5394?format=api", "purl": "pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yzz-fu2r-rqgy" }, { "vulnerability": "VCID-2f2r-y1tw-pyeq" }, { "vulnerability": "VCID-5e5h-6dg4-ryd4" }, { "vulnerability": "VCID-5tub-1spq-b7c7" }, { "vulnerability": "VCID-76dk-atu1-ebbm" }, { "vulnerability": "VCID-7q6r-9cgn-5kfp" }, { "vulnerability": "VCID-8yhb-ghew-b3bw" }, { "vulnerability": "VCID-8ztz-2n8a-gqbm" }, { "vulnerability": "VCID-95dq-xd5m-judz" }, { "vulnerability": "VCID-9bk5-pgap-1khn" }, { "vulnerability": "VCID-aza7-wkqb-m7h1" }, { "vulnerability": "VCID-b843-h976-aqhr" }, { "vulnerability": "VCID-bykg-wucu-duay" }, { "vulnerability": "VCID-d4jx-h2cx-kbf3" }, { "vulnerability": "VCID-dzyk-akhc-t7d2" }, { "vulnerability": "VCID-f93g-v8t6-wyf3" }, { "vulnerability": "VCID-gg9p-kzw8-23bq" }, { "vulnerability": "VCID-hkb3-h17f-bbfc" }, { "vulnerability": "VCID-ksss-h1p9-mbaz" }, { "vulnerability": "VCID-kwqt-87ga-1bbn" }, { "vulnerability": "VCID-m1qp-m1d3-nbgw" }, { "vulnerability": "VCID-m8f3-3jf6-2bdy" }, { "vulnerability": "VCID-mxk6-6rwy-hfa3" }, { "vulnerability": "VCID-np9m-wq3n-j7cq" }, { "vulnerability": "VCID-prhs-c1gk-97hj" }, { "vulnerability": "VCID-pzrp-6xtn-37db" }, { "vulnerability": "VCID-q5hu-u9th-33e7" }, { "vulnerability": "VCID-qn5w-t24w-xye5" }, { "vulnerability": "VCID-qsns-qxxn-1ygq" }, { "vulnerability": "VCID-qtcs-hz4a-97fy" }, { "vulnerability": "VCID-r3n1-q8uv-cfbb" }, { "vulnerability": "VCID-r7zv-4yyc-mqeu" }, { "vulnerability": "VCID-rmda-jcc9-2bam" }, { "vulnerability": "VCID-rsz9-y661-qfce" }, { "vulnerability": "VCID-ss54-ft8h-rufv" }, { "vulnerability": "VCID-ssh4-ukvg-5fej" }, { "vulnerability": "VCID-t35b-ur7m-vqeu" }, { "vulnerability": "VCID-u4fr-s35u-8khu" }, { "vulnerability": "VCID-uwmy-xe5s-yubn" }, { "vulnerability": "VCID-uyuw-v56z-93ez" }, { "vulnerability": "VCID-vrxh-bq3q-xudq" }, { "vulnerability": "VCID-wc26-trz1-u7fv" }, { "vulnerability": "VCID-y3rv-fdkr-qyd2" }, { "vulnerability": "VCID-ytdy-akzb-a7e1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" } ], "aliases": [ "CVE-2018-1140" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zcfp-hhne-tuf2" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3" }