Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/571235?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "type": "deb", "namespace": "debian", "name": "krb5", "version": "1.10.1+dfsg-5+deb7u7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.20.1-2+deb12u4", "latest_non_vulnerable_version": "1.20.1-2+deb12u4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83637?format=api", "vulnerability_id": "VCID-2r88-c5e9-vffv", "summary": "krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22798", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22869", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22862", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.23011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22803", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22877", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22948", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22911", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22854", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551083", "reference_id": "1551083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551083" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869", "reference_id": "891869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "reference_url": "https://security.archlinux.org/ASA-201806-3", "reference_id": "ASA-201806-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-3" }, { "reference_url": "https://security.archlinux.org/AVG-586", "reference_id": "AVG-586", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3071", "reference_id": "RHSA-2018:3071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3071" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5729" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2r88-c5e9-vffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70395?format=api", "vulnerability_id": "VCID-3362-hawt-17ek", "summary": "krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46024", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46041", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46104", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.461", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46045", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.45992", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46046", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46069", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525", "reference_id": "1103525", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465", "reference_id": "2359465", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3576", "reference_id": "CVE-2025-3576", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3576" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html", "reference_id": "krb5-1.22.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11487", "reference_id": "RHSA-2025:11487", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13664", "reference_id": "RHSA-2025:13664", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13777", "reference_id": "RHSA-2025:13777", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15000", "reference_id": "RHSA-2025:15000", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15001", "reference_id": "RHSA-2025:15001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15002", "reference_id": "RHSA-2025:15002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15003", "reference_id": "RHSA-2025:15003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15004", "reference_id": "RHSA-2025:15004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8411", "reference_id": "RHSA-2025:8411", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9418", "reference_id": "RHSA-2025:9418", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9430", "reference_id": "RHSA-2025:9430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9430" }, { "reference_url": "https://usn.ubuntu.com/7542-1/", "reference_id": "USN-7542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7542-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053265?format=api", "purl": "pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-3576" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3362-hawt-17ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47300?format=api", "vulnerability_id": "VCID-3du2-evy8-jfa1", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.92245", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.9254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92575", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92564", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92558", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92553", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92542", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187", "reference_id": "1024187", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267", "reference_id": "1024267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", "reference_id": "2140960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960" }, { "reference_url": "https://web.mit.edu/kerberos/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-42898.html", "reference_id": "CVE-2022-42898.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-42898.html" }, { "reference_url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_id": "ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583" }, { "reference_url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", "reference_id": "GHSA-64mq-fvfj-5x3c", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202310-06" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.19/", "reference_id": "krb5-1.19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.19/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0008/", "reference_id": "ntap-20230216-0008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230223-0001/", "reference_id": "ntap-20230223-0001", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230223-0001/" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", "reference_id": "README-1.20.1.txt", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8637", "reference_id": "RHSA-2022:8637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8638", "reference_id": "RHSA-2022:8638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8639", "reference_id": "RHSA-2022:8639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8640", "reference_id": "RHSA-2022:8640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8641", "reference_id": "RHSA-2022:8641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8641" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8648", "reference_id": "RHSA-2022:8648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8662", "reference_id": "RHSA-2022:8662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8663", "reference_id": "RHSA-2022:8663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8669", "reference_id": "RHSA-2022:8669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9029", "reference_id": "RHSA-2022:9029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9029" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=15203", "reference_id": "show_bug.cgi?id=15203", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=15203" }, { "reference_url": "https://usn.ubuntu.com/5800-1/", "reference_id": "USN-5800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5800-1/" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5828-1/", "reference_id": "USN-5828-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5828-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2022-42898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3du2-evy8-jfa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49821?format=api", "vulnerability_id": "VCID-4e9j-8vtc-tbda", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0477.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0477.html" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140132.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140132.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151103.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00044.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5351.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5351.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5351", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57276", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57358", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57381", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57411", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57426", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57412", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57409", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97028" }, { "reference_url": "https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:224", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:224" }, { "reference_url": "http://www.securityfocus.com/bid/70380", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70380" }, { "reference_url": "http://www.securitytracker.com/id/1031003", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031003" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2498-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2498-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145425", "reference_id": "1145425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145425" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762479", "reference_id": "762479", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762479" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5351", "reference_id": "CVE-2014-5351", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5351" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5351" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4e9j-8vtc-tbda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86034?format=api", "vulnerability_id": "VCID-51sv-1nva-eqey", "summary": "krb5: NULL pointer dereference when using a ticket policy name as a password policy name", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0536.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0536.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155828.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155828.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0794.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0794.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5353.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5353.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70902", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70811", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70825", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70843", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70878", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70901", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70885", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.7087", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70916", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.70922", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5353" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353" }, { "reference_url": "https://github.com/krb5/krb5/commit/d1f707024f1d0af6e54a18885322d70fa15ec4d3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/d1f707024f1d0af6e54a18885322d70fa15ec4d3" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:009", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:009" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "reference_url": "http://www.securityfocus.com/bid/71679", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71679" }, { "reference_url": "http://www.securitytracker.com/id/1031376", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031376" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2498-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2498-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174543", "reference_id": "1174543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5353", "reference_id": "CVE-2014-5353", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5353" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51sv-1nva-eqey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86033?format=api", "vulnerability_id": "VCID-5np7-5bb3-wbfx", "summary": "krb5: unauthenticated denial of service in recvauth_common() and others", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5355.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5355.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92811", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92769", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92776", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92781", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92787", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92796", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92795", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09423", "scoring_system": "epss", "scoring_elements": "0.92807", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193939", "reference_id": "1193939", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193939" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778647", "reference_id": "778647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2154", "reference_id": "RHSA-2015:2154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2154" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5355" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5np7-5bb3-wbfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57881?format=api", "vulnerability_id": "VCID-81qw-myh7-pbdj", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90152", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90096", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.9011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90114", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.9013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90136", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90145", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90139", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90156", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179856", "reference_id": "1179856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5352" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81qw-myh7-pbdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85000?format=api", "vulnerability_id": "VCID-8rxc-tf1r-wqgm", "summary": "krb5: S4U2Self KDC crash when anon is restricted", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8458" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00035.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87089", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87161", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87145", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8711", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87137", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03262", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/93b4a6306a0026cf1cc31ac4bd8a49ba5d034ba7" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/" }, { "reference_url": "http://web.mit.edu/kerberos/krb5-1.13/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/krb5-1.13/" }, { "reference_url": "http://web.mit.edu/kerberos/krb5-1.14/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/krb5-1.14/" }, { "reference_url": "http://www.securityfocus.com/bid/92132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92132" }, { "reference_url": "http://www.securitytracker.com/id/1036442", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361050", "reference_id": "1361050", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361050" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572", "reference_id": "832572", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3120", "reference_id": "CVE-2016-3120", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2591", "reference_id": "RHSA-2016:2591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2016-3120" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8rxc-tf1r-wqgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47298?format=api", "vulnerability_id": "VCID-8yk4-du7p-eue4", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91209", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91183", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91182", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06615", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92711", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92716", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09227", "scoring_system": "epss", "scoring_elements": "0.92698", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983720", "reference_id": "1983720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983720" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365", "reference_id": "991365", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365" }, { "reference_url": "https://security.archlinux.org/AVG-2173", "reference_id": "AVG-2173", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2173" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3576", "reference_id": "RHSA-2021:3576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3576" }, { "reference_url": "https://usn.ubuntu.com/5959-1/", "reference_id": "USN-5959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2021-36222" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yk4-du7p-eue4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75052?format=api", "vulnerability_id": "VCID-97k8-xbsv-87da", "summary": "krb5: GSS message token handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85635", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85632", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85651", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85656", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.85586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.8559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02606", "scoring_system": "epss", "scoring_elements": "0.8561", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676", "reference_id": "2294676", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676" }, { "reference_url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_id": "55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/" } ], "url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2856", "reference_id": "AVG-2856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4734", "reference_id": "RHSA-2024:4734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4743", "reference_id": "RHSA-2024:4743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5076", "reference_id": "RHSA-2024:5076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5312", "reference_id": "RHSA-2024:5312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5316", "reference_id": "RHSA-2024:5316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5625", "reference_id": "RHSA-2024:5625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5630", "reference_id": "RHSA-2024:5630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5643", "reference_id": "RHSA-2024:5643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5884", "reference_id": "RHSA-2024:5884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6166", "reference_id": "RHSA-2024:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1671", "reference_id": "RHSA-2025:1671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1673", "reference_id": "RHSA-2025:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1673" }, { "reference_url": "https://usn.ubuntu.com/6947-1/", "reference_id": "USN-6947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6947-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2024-37371" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97k8-xbsv-87da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83636?format=api", "vulnerability_id": "VCID-985p-gnv3-mfd8", "summary": "krb5: DN container check bypass by supplying special crafted data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62236", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62253", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62201", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082", "reference_id": "1551082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551082" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869", "reference_id": "891869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869" }, { "reference_url": "https://security.archlinux.org/ASA-201806-3", "reference_id": "ASA-201806-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-3" }, { "reference_url": "https://security.archlinux.org/AVG-586", "reference_id": "AVG-586", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3071", "reference_id": "RHSA-2018:3071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3071" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5730" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-985p-gnv3-mfd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49819?format=api", "vulnerability_id": "VCID-9d6t-z5dr-yqgy", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91744", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91709", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91721", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91728", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91731", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91749", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91742", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://secunia.com/advisories/61052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61052" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211" }, { "reference_url": "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f" }, { "reference_url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.osvdb.org/109390", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109390" }, { "reference_url": "http://www.securityfocus.com/bid/69159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69159" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", "reference_id": "1121876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121876" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520", "reference_id": "755520", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4343", "reference_id": "CVE-2014-4343", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4343" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4343" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9d6t-z5dr-yqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84179?format=api", "vulnerability_id": "VCID-9hyk-mdvc-1baq", "summary": "krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71555", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7161", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71578", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71551", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71602", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71625", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473560", "reference_id": "1473560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473560" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260", "reference_id": "869260", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260" }, { "reference_url": "https://security.archlinux.org/ASA-201710-8", "reference_id": "ASA-201710-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-8" }, { "reference_url": "https://security.archlinux.org/AVG-414", "reference_id": "AVG-414", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-414" }, { "reference_url": "https://security.archlinux.org/AVG-436", "reference_id": "AVG-436", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0666", "reference_id": "RHSA-2018:0666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0666" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-11368" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hyk-mdvc-1baq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89405?format=api", "vulnerability_id": "VCID-a9bp-26kx-p7cb", "summary": "security flaw", "references": [ { "reference_url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28961", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29049", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29127", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29094", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29005", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29029", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29006", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583" }, { "reference_url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2005-012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2005-012.html" }, { "reference_url": "http://www.securityfocus.com/bid/11289", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/11289" }, { "reference_url": "http://www.trustix.org/errata/2004/0050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2004/0050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617336", "reference_id": "1617336", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617336" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271", "reference_id": "278271", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0971", "reference_id": "CVE-2004-0971", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:012", "reference_id": "RHSA-2005:012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:012" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2004-0971" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9bp-26kx-p7cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51591?format=api", "vulnerability_id": "VCID-bnpa-8svd-jyct", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91048", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9105", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90999", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91025", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/77581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77581" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863", "reference_id": "1275863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088", "reference_id": "803088", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697", "reference_id": "CVE-2015-2697", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2697" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnpa-8svd-jyct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47301?format=api", "vulnerability_id": "VCID-bwpn-qxzd-43g8", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-36054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.70806", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78217", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78227", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78226", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78158", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-36054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431", "reference_id": "1043431", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230178", "reference_id": "2230178", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230178" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd", "reference_id": "ef08b09c9459551aabbe7924fb176f1583053cdd", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final", "reference_id": "krb5-1.20.1-final...krb5-1.20.2-final", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final", "reference_id": "krb5-1.21-final...krb5-1.21.1-final", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230908-0004/", "reference_id": "ntap-20230908-0004", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230908-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6699", "reference_id": "RHSA-2023:6699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6699" }, { "reference_url": "https://usn.ubuntu.com/6467-1/", "reference_id": "USN-6467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6467-1/" }, { "reference_url": "https://usn.ubuntu.com/6467-2/", "reference_id": "USN-6467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2023-36054" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bwpn-qxzd-43g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85460?format=api", "vulnerability_id": "VCID-caxe-5ejt-ffgy", "summary": "krb5: IAKERB context export/import", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8273" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00116.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00124.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75106", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75141", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75153", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00867", "scoring_system": "epss", "scoring_elements": "0.75178", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698" }, { "reference_url": "https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278951", "reference_id": "1278951", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278951" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2698", "reference_id": "CVE-2015-2698", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2698" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2698" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-caxe-5ejt-ffgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57846?format=api", "vulnerability_id": "VCID-d1a1-yfu1-kuaz", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92182", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.9218", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92138", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92151", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92166", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92169", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92174", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.9217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.securityfocus.com/bid/68908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68908" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120581", "reference_id": "1120581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120581" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625", "reference_id": "753625", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4342", "reference_id": "CVE-2014-4342", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4342" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1a1-yfu1-kuaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86046?format=api", "vulnerability_id": "VCID-dzr3-ncxx-jkck", "summary": "krb5: NULL pointer dereference when using keyless entries", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00061.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5354.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.6768", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67557", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67593", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67614", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67645", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67659", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67682", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67666", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67668", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5354" }, { "reference_url": "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/04038bf3633c4b909b5ded3072dc88c8c419bf16" }, { "reference_url": "http://www.securityfocus.com/bid/71680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71680" }, { "reference_url": "http://www.securitytracker.com/id/1031376", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031376" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2498-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2498-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174546", "reference_id": "1174546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773228", "reference_id": "773228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773228" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5_1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5_1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5_1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5354", "reference_id": "CVE-2014-5354", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5354" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5354" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzr3-ncxx-jkck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82970?format=api", "vulnerability_id": "VCID-fd9s-vn5s-gud6", "summary": "krb5: Reachable assertion in the KDC using S4U2Self requests", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85004", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.84984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02377", "scoring_system": "epss", "scoring_elements": "0.85007", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85754", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.8576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85779", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.8579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85805", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85801", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.85723", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190416-0006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665296", "reference_id": "1665296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665296" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387", "reference_id": "917387", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20217", "reference_id": "CVE-2018-20217", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20217" }, { "reference_url": "https://usn.ubuntu.com/5828-1/", "reference_id": "USN-5828-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5828-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-20217" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fd9s-vn5s-gud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62177?format=api", "vulnerability_id": "VCID-fg2w-sjkb-ebgb", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81797", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81692", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.8175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81754", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81756", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/82801", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82801" }, { "reference_url": "http://www.securitytracker.com/id/1034914", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617", "reference_id": "1302617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296", "reference_id": "813296", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629", "reference_id": "CVE-2015-8629", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8629" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fg2w-sjkb-ebgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49487?format=api", "vulnerability_id": "VCID-h9q8-x3n3-6qdn", "summary": "A vulnerability in MIT Kerberos 5 could lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79624", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79675", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.79673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01293", "scoring_system": "epss", "scoring_elements": "0.7968", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901041", "reference_id": "1901041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901041" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/", "reference_id": "45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/" }, { "reference_url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd", "reference_id": "57415dda6cf04e73ffc3723be518eddfae599bfd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/", "reference_id": "73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880", "reference_id": "973880", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4795", "reference_id": "dsa-4795", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4795" }, { "reference_url": "https://security.gentoo.org/glsa/202011-17", "reference_id": "GLSA-202011-17", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://security.gentoo.org/glsa/202011-17" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/", "reference_id": "KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20201202-0001/", "reference_id": "ntap-20201202-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20201202-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1593", "reference_id": "RHSA-2021:1593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2239", "reference_id": "RHSA-2021:2239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2239" }, { "reference_url": "https://usn.ubuntu.com/4635-1/", "reference_id": "USN-4635-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4635-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2020-28196" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9q8-x3n3-6qdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85694?format=api", "vulnerability_id": "VCID-j6tv-fz95-3kb8", "summary": "krb5: issues in OTP and PKINIT kdcpreauth modules leading to requires_preauth bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75463", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75465", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75497", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75529", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75527", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75517", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.7556", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0089", "scoring_system": "epss", "scoring_elements": "0.75552", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216133", "reference_id": "1216133", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216133" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557", "reference_id": "783557", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2154", "reference_id": "RHSA-2015:2154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2154" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2694" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6tv-fz95-3kb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57885?format=api", "vulnerability_id": "VCID-jask-8b2h-p3h8", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81386", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81283", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81342", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81347", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81368", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81353", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81383", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81385", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9423" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179863", "reference_id": "1179863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9423" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jask-8b2h-p3h8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41396?format=api", "vulnerability_id": "VCID-ka4c-q3hq-6fe3", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1418.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1418.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1418", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91863", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91872", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91879", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91904", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91903", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91922", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91919", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07674", "scoring_system": "epss", "scoring_elements": "0.91915", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1418" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1026942", "reference_id": "1026942", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1026942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728845", "reference_id": "728845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728845" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1245", "reference_id": "RHSA-2014:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2013-1418" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ka4c-q3hq-6fe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77777?format=api", "vulnerability_id": "VCID-khdw-3p5j-vya6", "summary": "krb5: overflow when calculating ulog block size", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42916", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42991", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42978", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.4296", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42898", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730", "reference_id": "1094730", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342796", "reference_id": "2342796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342796" }, { "reference_url": "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0", "reference_id": "78ceba024b64d49612375be4a12d1c066b0bfbd0", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/" } ], "url": "https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0" }, { "reference_url": "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final", "reference_id": "krb5-1.21.3-final...krb5-1.22-final", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/" } ], "url": "https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1352", "reference_id": "RHSA-2025:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2722", "reference_id": "RHSA-2025:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7067", "reference_id": "RHSA-2025:7067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8385", "reference_id": "RHSA-2025:8385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8385" }, { "reference_url": "https://usn.ubuntu.com/7314-1/", "reference_id": "USN-7314-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7314-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053265?format=api", "purl": "pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4" } ], "aliases": [ "CVE-2025-24528" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khdw-3p5j-vya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57883?format=api", "vulnerability_id": "VCID-ktam-mx9t-jqa2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73896", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73906", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.7393", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73953", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73986", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73995", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179861", "reference_id": "1179861", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9422" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktam-mx9t-jqa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51590?format=api", "vulnerability_id": "VCID-q2tg-s1kk-4bhc", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92259", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92258", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92212", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92225", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92239", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92246", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.securityfocus.com/bid/90675", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90675" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869", "reference_id": "1275869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084", "reference_id": "803084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696", "reference_id": "CVE-2015-2696", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2696" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2tg-s1kk-4bhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84016?format=api", "vulnerability_id": "VCID-qcva-cb6c-wyds", "summary": "krb5: Automatic sec context deletion could lead to double-free", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.7758", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77607", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.7759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77628", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77626", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77533", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77559", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77541", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01055", "scoring_system": "epss", "scoring_elements": "0.77571", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488873", "reference_id": "1488873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488873" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563", "reference_id": "873563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563" }, { "reference_url": "https://security.archlinux.org/ASA-201710-8", "reference_id": "ASA-201710-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-8" }, { "reference_url": "https://security.archlinux.org/ASA-201710-9", "reference_id": "ASA-201710-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-9" }, { "reference_url": "https://security.archlinux.org/AVG-414", "reference_id": "AVG-414", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-414" }, { "reference_url": "https://security.archlinux.org/AVG-415", "reference_id": "AVG-415", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-415" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11462", "reference_id": "CVE-2017-11462", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11462" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-11462" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qcva-cb6c-wyds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41391?format=api", "vulnerability_id": "VCID-qzt5-fxf1-huff", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0942.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0942.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94589", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.9453", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94538", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94545", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94548", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94568", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94581", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94585", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443" }, { "reference_url": "https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2701", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2701" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:166", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:166" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267", "reference_id": "708267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=962531", "reference_id": "962531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=962531" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2443", "reference_id": "CVE-2002-2443", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2443" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0942", "reference_id": "RHSA-2013:0942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0942" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2002-2443" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzt5-fxf1-huff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83860?format=api", "vulnerability_id": "VCID-r1wa-3gtw-1qey", "summary": "krb5: Buffer overflow in get_matching_data()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87972", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.8796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87959", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03704", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88364", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0399", "scoring_system": "epss", "scoring_elements": "0.88379", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15088" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4" }, { "reference_url": "https://github.com/krb5/krb5/pull/707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/pull/707" }, { "reference_url": "http://www.securityfocus.com/bid/101594", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101594" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504045", "reference_id": "1504045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504045" }, { "reference_url": "https://security.archlinux.org/AVG-505", "reference_id": "AVG-505", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-505" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15088", "reference_id": "CVE-2017-15088", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15088" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2017-15088" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1wa-3gtw-1qey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49818?format=api", "vulnerability_id": "VCID-rmt9-dmmb-kkec", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94415", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94427", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.9443", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94435", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.9445", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94904" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.securityfocus.com/bid/68909", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68909" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116180", "reference_id": "1116180", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116180" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624", "reference_id": "753624", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4341", "reference_id": "CVE-2014-4341", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4341" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1245", "reference_id": "RHSA-2014:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4341" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmt9-dmmb-kkec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51589?format=api", "vulnerability_id": "VCID-rpxk-f19y-87dq", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90138", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90119", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90121", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/90687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90687" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871", "reference_id": "1275871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083", "reference_id": "803083", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695", "reference_id": "CVE-2015-2695", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2695" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpxk-f19y-87dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62179?format=api", "vulnerability_id": "VCID-sgnn-emh7-kqgh", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84478", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84419", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1034916", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642", "reference_id": "1302642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126", "reference_id": "813126", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631", "reference_id": "CVE-2015-8631", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8631" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgnn-emh7-kqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41395?format=api", "vulnerability_id": "VCID-tsuu-f1qk-jygu", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67633", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67669", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.6769", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.6767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.6776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67745", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67747", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.67741", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1030743", "reference_id": "1030743", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1030743" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730085", "reference_id": "730085", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730085" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2013-1417" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tsuu-f1qk-jygu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57882?format=api", "vulnerability_id": "VCID-u9bx-kfz1-nbcq", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90094", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90038", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90072", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90085", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90079", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90096", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90097", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179857", "reference_id": "1179857", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9421" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9bx-kfz1-nbcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49820?format=api", "vulnerability_id": "VCID-vr9b-gwxs-fqgg", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7980" }, { "reference_url": "http://linux.oracle.com/errata/ELSA-2014-1255.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://linux.oracle.com/errata/ELSA-2014-1255.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136640.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136640.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137056.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137056.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00030.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1255.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1255.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.9356", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93553", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93495", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93504", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93512", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.9352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93523", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93547", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4345" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/59415", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59415" }, { "reference_url": "http://secunia.com/advisories/59993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59993" }, { "reference_url": "http://secunia.com/advisories/60535", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60535" }, { "reference_url": "http://secunia.com/advisories/60776", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60776" }, { "reference_url": "http://secunia.com/advisories/61314", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61314" }, { "reference_url": "http://secunia.com/advisories/61353", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61353" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95212" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1" }, { "reference_url": "https://github.com/krb5/krb5/pull/181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/pull/181" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.osvdb.org/109908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109908" }, { "reference_url": "http://www.securityfocus.com/bid/69168", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69168" }, { "reference_url": "http://www.securitytracker.com/id/1030705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030705" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128157", "reference_id": "1128157", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128157" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416", "reference_id": "757416", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4345", "reference_id": "CVE-2014-4345", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4345" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1255", "reference_id": "RHSA-2014:1255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4345" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vr9b-gwxs-fqgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75053?format=api", "vulnerability_id": "VCID-w6yc-w573-vbhy", "summary": "krb5: GSS message token handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67803", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67783", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67821", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67807", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67809", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67732", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677", "reference_id": "2294677", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677" }, { "reference_url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_id": "55fbf435edbe2e92dd8101669b1ce7144bc96fef", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/" } ], "url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef" }, { "reference_url": "https://web.mit.edu/kerberos/www/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/" } ], "url": "https://web.mit.edu/kerberos/www/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2856", "reference_id": "AVG-2856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4734", "reference_id": "RHSA-2024:4734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4743", "reference_id": "RHSA-2024:4743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5076", "reference_id": "RHSA-2024:5076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5312", "reference_id": "RHSA-2024:5312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5316", "reference_id": "RHSA-2024:5316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5625", "reference_id": "RHSA-2024:5625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5630", "reference_id": "RHSA-2024:5630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5643", "reference_id": "RHSA-2024:5643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5884", "reference_id": "RHSA-2024:5884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6166", "reference_id": "RHSA-2024:6166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://usn.ubuntu.com/6947-1/", "reference_id": "USN-6947-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6947-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2024-37370" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6yc-w573-vbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57847?format=api", "vulnerability_id": "VCID-yuur-7md8-skcv", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90011", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89956", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89971", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90014", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://secunia.com/advisories/61051", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61051" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210" }, { "reference_url": "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b" }, { "reference_url": "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc" }, { "reference_url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.osvdb.org/109389", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109389" }, { "reference_url": "http://www.securityfocus.com/bid/69160", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69160" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", "reference_id": "1121877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121877" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521", "reference_id": "755521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4344", "reference_id": "CVE-2014-4344", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1245", "reference_id": "RHSA-2014:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4344" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yuur-7md8-skcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85294?format=api", "vulnerability_id": "VCID-z6ca-snvn-jyh9", "summary": "krb5: null pointer dereference in kadmin", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-04/msg00055.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2591.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92697", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.9265", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92679", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92684", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92683", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0915", "scoring_system": "epss", "scoring_elements": "0.92698", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119" }, { "reference_url": "https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00040.html" }, { "reference_url": "http://www.securityfocus.com/bid/85392", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85392" }, { "reference_url": "http://www.securitytracker.com/id/1035399", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035399" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319616", "reference_id": "1319616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319616" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468", "reference_id": "819468", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3119", "reference_id": "CVE-2016-3119", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2591", "reference_id": "RHSA-2016:2591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2016-3119" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6ca-snvn-jyh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47299?format=api", "vulnerability_id": "VCID-zw66-w86u-cuge", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72328", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72413", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72425", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72333", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72351", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72367", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.7238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72386", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72374", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996834", "reference_id": "1996834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996834" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607", "reference_id": "992607", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607" }, { "reference_url": "https://security.archlinux.org/AVG-2312", "reference_id": "AVG-2312", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2312" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3576", "reference_id": "RHSA-2021:3576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4788", "reference_id": "RHSA-2021:4788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4788" }, { "reference_url": "https://usn.ubuntu.com/5959-1/", "reference_id": "USN-5959-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5959-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052296?format=api", "purl": "pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-khdw-3p5j-vya6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5" } ], "aliases": [ "CVE-2021-37750" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zw66-w86u-cuge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83733?format=api", "vulnerability_id": "VCID-zx87-dep4-8bg2", "summary": "krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68328", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68375", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68419", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68406", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68425", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68403", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535575", "reference_id": "1535575", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535575" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685", "reference_id": "889685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038270?format=api", "purl": "pkg:deb/debian/krb5@1.17-3%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4" } ], "aliases": [ "CVE-2018-5710" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zx87-dep4-8bg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85384?format=api", "vulnerability_id": "VCID-zxvf-pz4q-myey", "summary": "krb5: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8342" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86516", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86545", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86564", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86588", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03005", "scoring_system": "epss", "scoring_elements": "0.86585", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6b" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1034915", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302632", "reference_id": "1302632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127", "reference_id": "813127", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8630", "reference_id": "CVE-2015-8630", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8630" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxvf-pz4q-myey" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41392?format=api", "vulnerability_id": "VCID-4xpe-hb37-5qdm", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1014.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.8868", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88617", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88626", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88644", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88662", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88666", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88672", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04152", "scoring_system": "epss", "scoring_elements": "0.88682", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429", "reference_id": "683429", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=838014", "reference_id": "838014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838014" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://usn.ubuntu.com/1520-1/", "reference_id": "USN-1520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1520-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2012-1014" ], "risk_score": 1.0, "exploitability": "0.5", "weighted_severity": "2.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4xpe-hb37-5qdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86784?format=api", "vulnerability_id": "VCID-5s5f-d1ue-gfda", "summary": "krb5: PKINIT null pointer deref leads to DoS", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7527", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7527" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1016.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1016.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70556", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.7057", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70587", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70565", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70626", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70649", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.7062", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00643", "scoring_system": "epss", "scoring_elements": "0.70673", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016" }, { "reference_url": "http://secunia.com/advisories/55040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55040" }, { "reference_url": "https://github.com/krb5/krb5/commit/db64ca25d661a47b996b4e2645998b5d7f0eb52c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/db64ca25d661a47b996b4e2645998b5d7f0eb52c" }, { "reference_url": "http://web.mit.edu/kerberos/www/krb5-1.10/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/www/krb5-1.10/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702633", "reference_id": "702633", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702633" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917840", "reference_id": "917840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917840" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1016", "reference_id": "CVE-2012-1016", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0656", "reference_id": "RHSA-2013:0656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0656" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2012-1016" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5s5f-d1ue-gfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62441?format=api", "vulnerability_id": "VCID-5txn-a4x1-nbbe", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html" }, { "reference_url": "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.mit.edu/pipermail/kerberos/2010-December/016800.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0281.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93366", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93307", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93316", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.9332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93333", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93337", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93354", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.10754", "scoring_system": "epss", "scoring_elements": "0.93359", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281" }, { "reference_url": "http://secunia.com/advisories/43260", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43260" }, { "reference_url": "http://secunia.com/advisories/43273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43273" }, { "reference_url": "http://secunia.com/advisories/43275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43275" }, { "reference_url": "http://secunia.com/advisories/46397", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/46397" }, { "reference_url": "http://securityreason.com/securityalert/8073", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8073" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65324" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0199.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0199.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/516299/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/516299/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/46265", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46265" }, { "reference_url": "http://www.securitytracker.com/id?1025037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025037" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0330", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0330" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0333", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0333" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0347" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0464", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=668719", "reference_id": "668719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=668719" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0281", "reference_id": "CVE-2011-0281", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0281" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0199", "reference_id": "RHSA-2011:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0200", "reference_id": "RHSA-2011:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0200" }, { "reference_url": "https://usn.ubuntu.com/1062-1/", "reference_id": "USN-1062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-0281" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5txn-a4x1-nbbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87067?format=api", "vulnerability_id": "VCID-5z7g-r4bh-2qb1", "summary": "krb5: kadmind denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1013.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77425", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77435", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77445", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77451", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77485", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77478", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687647", "reference_id": "687647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687647" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=827517", "reference_id": "827517", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=827517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1131", "reference_id": "RHSA-2012:1131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1131" }, { "reference_url": "https://usn.ubuntu.com/1520-1/", "reference_id": "USN-1520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1520-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2012-1013" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5z7g-r4bh-2qb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62446?format=api", "vulnerability_id": "VCID-6fgr-qbwj-bqf5", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1527.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85581", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85593", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85617", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85637", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85655", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85683", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02618", "scoring_system": "epss", "scoring_elements": "0.85679", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367", "reference_id": "646367", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711", "reference_id": "737711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1379", "reference_id": "RHSA-2011:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1379" }, { "reference_url": "https://usn.ubuntu.com/1233-1/", "reference_id": "USN-1233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-1527" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fgr-qbwj-bqf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87135?format=api", "vulnerability_id": "VCID-6het-dg8q-7fcj", "summary": "krb5: flaw in access control handling for strings in kadmin", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1012.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46839", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46895", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46842", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46896", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46891", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46898", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4695", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46899", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1012" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670918", "reference_id": "670918", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670918" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=796438", "reference_id": "796438", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=796438" }, { "reference_url": "https://usn.ubuntu.com/1520-1/", "reference_id": "USN-1520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1520-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2012-1012" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6het-dg8q-7fcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57881?format=api", "vulnerability_id": "VCID-81qw-myh7-pbdj", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90152", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90096", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.9011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90114", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.9013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90136", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90145", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90139", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05407", "scoring_system": "epss", "scoring_elements": "0.90156", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179856", "reference_id": "1179856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-5352" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81qw-myh7-pbdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62442?format=api", "vulnerability_id": "VCID-8vzp-yn2u-1ugd", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0282.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92876", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92842", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92852", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92861", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.9287", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09562", "scoring_system": "epss", "scoring_elements": "0.92872", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282" }, { "reference_url": "http://secunia.com/advisories/43260", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43260" }, { "reference_url": "http://secunia.com/advisories/43273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43273" }, { "reference_url": "http://secunia.com/advisories/43275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43275" }, { "reference_url": "http://secunia.com/advisories/46397", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/46397" }, { "reference_url": "http://securityreason.com/securityalert/8073", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8073" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65323" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:024" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0199.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0199.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/516299/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/516299/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/46271", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46271" }, { "reference_url": "http://www.securitytracker.com/id?1025037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025037" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0330", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0330" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0333", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0333" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0347" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0464", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=668726", "reference_id": "668726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=668726" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0282", "reference_id": "CVE-2011-0282", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0282" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0199", "reference_id": "RHSA-2011:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0200", "reference_id": "RHSA-2011:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0200" }, { "reference_url": "https://usn.ubuntu.com/1062-1/", "reference_id": "USN-1062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-0282" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vzp-yn2u-1ugd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49819?format=api", "vulnerability_id": "VCID-9d6t-z5dr-yqgy", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7969" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91744", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91709", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91721", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91728", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91731", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91749", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07384", "scoring_system": "epss", "scoring_elements": "0.91742", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://secunia.com/advisories/61052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61052" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95211" }, { "reference_url": "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f" }, { "reference_url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15553.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.osvdb.org/109390", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109390" }, { "reference_url": "http://www.securityfocus.com/bid/69159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69159" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121876", "reference_id": "1121876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121876" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520", "reference_id": "755520", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4343", "reference_id": "CVE-2014-4343", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4343" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4343" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9d6t-z5dr-yqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41394?format=api", "vulnerability_id": "VCID-ahrt-vcg3-tbc2", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7600" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102058.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102058.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102074.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102074.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00041.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00102.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00102.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0748.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0748.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1416.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1416.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84681", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.8468", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84619", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84643", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84667", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84662", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84657", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02274", "scoring_system": "epss", "scoring_elements": "0.84679", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/8ee70ec63931d1e38567905387ab9b1d45734d81", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/8ee70ec63931d1e38567905387ab9b1d45734d81" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:157", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:157" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:158", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:158" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704775", "reference_id": "704775", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704775" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=949984", "reference_id": "949984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=949984" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1416", "reference_id": "CVE-2013-1416", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1416" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0748", "reference_id": "RHSA-2013:0748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0748" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2013-1416" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahrt-vcg3-tbc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62450?format=api", "vulnerability_id": "VCID-bdbh-trh7-8fd6", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4151.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78903", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78938", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78921", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78946", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78952", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.7896", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.7895", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78979", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78976", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4151" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367", "reference_id": "646367", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711", "reference_id": "737711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-4151" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdbh-trh7-8fd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51591?format=api", "vulnerability_id": "VCID-bnpa-8svd-jyct", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91048", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9105", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90974", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.9098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.90999", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06393", "scoring_system": "epss", "scoring_elements": "0.91025", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/77581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77581" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863", "reference_id": "1275863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275863" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088", "reference_id": "803088", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697", "reference_id": "CVE-2015-2697", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2697" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2697" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnpa-8svd-jyct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57846?format=api", "vulnerability_id": "VCID-d1a1-yfu1-kuaz", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92182", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.9218", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92138", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92151", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92166", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92169", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.92174", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08139", "scoring_system": "epss", "scoring_elements": "0.9217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.securityfocus.com/bid/68908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68908" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120581", "reference_id": "1120581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120581" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625", "reference_id": "753625", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos:5-1.8:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4342", "reference_id": "CVE-2014-4342", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4342" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1a1-yfu1-kuaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86783?format=api", "vulnerability_id": "VCID-dj1x-1chn-bbhz", "summary": "krb5: PKINIT null pointer deref leads to DoS (pkinit_check_kdc_pkid())", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7570", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7570" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7577", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7577" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00090.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00090.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1415.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81662", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81557", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81569", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.8159", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81641", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81628", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01588", "scoring_system": "epss", "scoring_elements": "0.81659", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415" }, { "reference_url": "http://secunia.com/advisories/55040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55040" }, { "reference_url": "https://github.com/krb5/krb5/commit/f249555301940c6df3a2cdda13b56b5674eebc2e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/f249555301940c6df3a2cdda13b56b5674eebc2e" }, { "reference_url": "http://web.mit.edu/kerberos/www/krb5-1.10/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/www/krb5-1.10/" }, { "reference_url": "http://web.mit.edu/kerberos/www/krb5-1.11/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/www/krb5-1.11/" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:157", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:157" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914749", "reference_id": "914749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914749" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1415", "reference_id": "CVE-2013-1415", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0656", "reference_id": "RHSA-2013:0656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0656" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2013-1415" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dj1x-1chn-bbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62444?format=api", "vulnerability_id": "VCID-dv1m-kz1r-8udu", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056413.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056573.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056579.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html" }, { "reference_url": "http://osvdb.org/71183", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/71183" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0284.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95819", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95838", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95847", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.9585", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95853", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2264", "scoring_system": "epss", "scoring_elements": "0.95871", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0284" }, { "reference_url": "http://secunia.com/advisories/43700", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43700" }, { "reference_url": "http://secunia.com/advisories/43760", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43760" }, { "reference_url": "http://secunia.com/advisories/43783", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43783" }, { "reference_url": "http://secunia.com/advisories/43881", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43881" }, { "reference_url": "http://securitytracker.com/id?1025216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1025216" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66101" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt" }, { "reference_url": "http://www.kb.cert.org/vuls/id/943220", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/943220" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:048", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:048" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0356.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0356.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/517029/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/517029/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/46881", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46881" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1088-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1088-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0672" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0673" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0680" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0722" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0763" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618517", "reference_id": "618517", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=674325", "reference_id": "674325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=674325" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0284", "reference_id": "CVE-2011-0284", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0284" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0356", "reference_id": "RHSA-2011:0356", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0356" }, { "reference_url": "https://usn.ubuntu.com/1088-1/", "reference_id": "USN-1088-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1088-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-0284" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dv1m-kz1r-8udu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62445?format=api", "vulnerability_id": "VCID-e81a-vujj-yfcs", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621726", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621726" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=6899", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=6899" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058181.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058181.html" }, { "reference_url": "http://osvdb.org/71789", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/71789" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0285.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.97994", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.97998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98002", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98008", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.98014", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.54024", "scoring_system": "epss", "scoring_elements": "0.9802", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0285" }, { "reference_url": "http://secunia.com/advisories/44125", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44125" }, { "reference_url": "http://secunia.com/advisories/44181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44181" }, { "reference_url": "http://secunia.com/advisories/44196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44196" }, { "reference_url": "http://securityreason.com/securityalert/8200", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8200" }, { "reference_url": "https://hermes.opensuse.org/messages/8086843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hermes.opensuse.org/messages/8086843" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-004.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-004.txt" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:077", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:077" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0447.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0447.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/517484/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/517484/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/47310", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47310" }, { "reference_url": "http://www.securitytracker.com/id?1025320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025320" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0936", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0936" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0986", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0986" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0997", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0997" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622681", "reference_id": "622681", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622681" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=696334", "reference_id": "696334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=696334" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0285", "reference_id": "CVE-2011-0285", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0285" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35606.txt", "reference_id": "CVE-2011-0285;OSVDB-71789", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35606.txt" }, { "reference_url": "https://www.securityfocus.com/bid/47310/info", "reference_id": "CVE-2011-0285;OSVDB-71789", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/47310/info" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0447", "reference_id": "RHSA-2011:0447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0447" }, { "reference_url": "https://usn.ubuntu.com/1116-1/", "reference_id": "USN-1116-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1116-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-0285" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e81a-vujj-yfcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62177?format=api", "vulnerability_id": "VCID-fg2w-sjkb-ebgb", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81797", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81692", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.8175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81754", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0161", "scoring_system": "epss", "scoring_elements": "0.81756", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/82801", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82801" }, { "reference_url": "http://www.securitytracker.com/id/1034914", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617", "reference_id": "1302617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302617" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296", "reference_id": "813296", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629", "reference_id": "CVE-2015-8629", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8629" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fg2w-sjkb-ebgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57885?format=api", "vulnerability_id": "VCID-jask-8b2h-p3h8", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81386", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81283", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81342", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81347", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81368", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81353", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81383", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01537", "scoring_system": "epss", "scoring_elements": "0.81385", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9423" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179863", "reference_id": "1179863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9423" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jask-8b2h-p3h8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57883?format=api", "vulnerability_id": "VCID-ktam-mx9t-jqa2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73896", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73906", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.7393", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73953", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73986", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00794", "scoring_system": "epss", "scoring_elements": "0.73995", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179861", "reference_id": "1179861", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9422" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktam-mx9t-jqa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62440?format=api", "vulnerability_id": "VCID-mqs4-crva-ayaz", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4022.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92628", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92578", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.9259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92591", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92607", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92613", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92626", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08988", "scoring_system": "epss", "scoring_elements": "0.92625", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022" }, { "reference_url": "http://secunia.com/advisories/43260", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43260" }, { "reference_url": "http://secunia.com/advisories/43275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43275" }, { "reference_url": "http://securityreason.com/securityalert/8070", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8070" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-001.txt" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:025" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0200.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/516286/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/516286/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/46269", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46269" }, { "reference_url": "http://www.securitytracker.com/id?1025035", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025035" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0329", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0329" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0333", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0333" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0347", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0347" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0464", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=664009", "reference_id": "664009", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=664009" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4022", "reference_id": "CVE-2010-4022", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4022" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0200", "reference_id": "RHSA-2011:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0200" }, { "reference_url": "https://usn.ubuntu.com/1062-1/", "reference_id": "USN-1062-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1062-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2010-4022" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqs4-crva-ayaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41393?format=api", "vulnerability_id": "VCID-n4xu-cnqt-gbgf", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1015.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79216", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.7915", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79175", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.7916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79193", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79217", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79194", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01234", "scoring_system": "epss", "scoring_elements": "0.79219", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429", "reference_id": "683429", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=838012", "reference_id": "838012", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=838012" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1131", "reference_id": "RHSA-2012:1131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1131" }, { "reference_url": "https://usn.ubuntu.com/1520-1/", "reference_id": "USN-1520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1520-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2012-1015" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4xu-cnqt-gbgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51590?format=api", "vulnerability_id": "VCID-q2tg-s1kk-4bhc", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92259", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92258", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92212", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92225", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92239", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08283", "scoring_system": "epss", "scoring_elements": "0.92246", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.securityfocus.com/bid/90675", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90675" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869", "reference_id": "1275869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275869" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084", "reference_id": "803084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696", "reference_id": "CVE-2015-2696", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2696" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2696" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2tg-s1kk-4bhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41391?format=api", "vulnerability_id": "VCID-qzt5-fxf1-huff", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n allowing execution of arbitrary code or Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105879.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105978.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106698.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00007.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0942.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0942.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94589", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.9453", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94538", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94545", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94548", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94568", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94581", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.15013", "scoring_system": "epss", "scoring_elements": "0.94585", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-2443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443" }, { "reference_url": "https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2701", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2701" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:166", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:166" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267", "reference_id": "708267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=962531", "reference_id": "962531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=962531" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2443", "reference_id": "CVE-2002-2443", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2443" }, { "reference_url": "https://security.gentoo.org/glsa/201312-12", "reference_id": "GLSA-201312-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201312-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0942", "reference_id": "RHSA-2013:0942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0942" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2002-2443" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzt5-fxf1-huff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49818?format=api", "vulnerability_id": "VCID-rmt9-dmmb-kkec", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7949" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94415", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94427", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.9443", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.94435", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14451", "scoring_system": "epss", "scoring_elements": "0.9445", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94904" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/e6ae703ae597d798e310368d52b8f38ee11c6a73" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.securityfocus.com/bid/68909", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68909" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116180", "reference_id": "1116180", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116180" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624", "reference_id": "753624", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4341", "reference_id": "CVE-2014-4341", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4341" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1245", "reference_id": "RHSA-2014:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4341" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmt9-dmmb-kkec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51589?format=api", "vulnerability_id": "VCID-rpxk-f19y-87dq", "summary": "Multiple vulnerabilities have been discovered in MIT Kerberos 5,\n the worst of which may allow remote attackers to cause Denial of Service.", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8244" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90138", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90119", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90121", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3395" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.securityfocus.com/bid/90687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90687" }, { "reference_url": "http://www.securitytracker.com/id/1034084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034084" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2810-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2810-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871", "reference_id": "1275871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1275871" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083", "reference_id": "803083", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695", "reference_id": "CVE-2015-2695", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2695" }, { "reference_url": "https://security.gentoo.org/glsa/201611-14", "reference_id": "GLSA-201611-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-14" }, { "reference_url": "https://usn.ubuntu.com/2810-1/", "reference_id": "USN-2810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2810-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-2695" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rpxk-f19y-87dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62179?format=api", "vulnerability_id": "VCID-sgnn-emh7-kqgh", "summary": "security update", "references": [ { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8343" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0493.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0532.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84478", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84419", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0221", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3466" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1034916", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642", "reference_id": "1302642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302642" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126", "reference_id": "813126", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631", "reference_id": "CVE-2015-8631", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0493", "reference_id": "RHSA-2016:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0532", "reference_id": "RHSA-2016:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0532" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035813?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038269?format=api", "purl": "pkg:deb/debian/krb5@1.15-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1" } ], "aliases": [ "CVE-2015-8631" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgnn-emh7-kqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62447?format=api", "vulnerability_id": "VCID-sjw9-kv44-8bgv", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1528.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90147", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.9015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90162", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90167", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90183", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90197", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90209", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05459", "scoring_system": "epss", "scoring_elements": "0.90206", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367", "reference_id": "646367", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711", "reference_id": "737711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1379", "reference_id": "RHSA-2011:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1379" }, { "reference_url": "https://usn.ubuntu.com/1233-1/", "reference_id": "USN-1233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-1528" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjw9-kv44-8bgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57882?format=api", "vulnerability_id": "VCID-u9bx-kfz1-nbcq", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90094", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90038", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90041", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90072", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90085", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90079", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90096", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05356", "scoring_system": "epss", "scoring_elements": "0.90097", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179857", "reference_id": "1179857", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0794", "reference_id": "RHSA-2015:0794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0794" }, { "reference_url": "https://usn.ubuntu.com/2498-1/", "reference_id": "USN-2498-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2498-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-9421" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9bx-kfz1-nbcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49820?format=api", "vulnerability_id": "VCID-vr9b-gwxs-fqgg", "summary": "A vulnerability has been found in MIT Kerberos 5, possibly\n resulting in arbitrary code execution or a Denial of Service condition.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7980" }, { "reference_url": "http://linux.oracle.com/errata/ELSA-2014-1255.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://linux.oracle.com/errata/ELSA-2014-1255.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136640.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136640.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137056.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137056.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00030.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1255.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1255.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.9356", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93553", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93495", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93504", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93512", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.9352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93523", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11304", "scoring_system": "epss", "scoring_elements": "0.93547", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4345" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/59415", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59415" }, { "reference_url": "http://secunia.com/advisories/59993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59993" }, { "reference_url": "http://secunia.com/advisories/60535", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60535" }, { "reference_url": "http://secunia.com/advisories/60776", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60776" }, { "reference_url": "http://secunia.com/advisories/61314", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61314" }, { "reference_url": "http://secunia.com/advisories/61353", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61353" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201412-53.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201412-53.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95212" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/dc7ed55c689d57de7f7408b34631bf06fec9dab1" }, { "reference_url": "https://github.com/krb5/krb5/pull/181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/pull/181" }, { "reference_url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.osvdb.org/109908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109908" }, { "reference_url": "http://www.securityfocus.com/bid/69168", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69168" }, { "reference_url": "http://www.securitytracker.com/id/1030705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030705" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128157", "reference_id": "1128157", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128157" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416", "reference_id": "757416", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4345", "reference_id": "CVE-2014-4345", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4345" }, { "reference_url": "https://security.gentoo.org/glsa/201412-53", "reference_id": "GLSA-201412-53", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-53" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1255", "reference_id": "RHSA-2014:1255", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1255" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4345" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vr9b-gwxs-fqgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62449?format=api", "vulnerability_id": "VCID-wng4-f8sk-kqg9", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1530.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1530.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1530", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.7609", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76125", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76104", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.7615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76152", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.7619", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76194", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76177", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1530" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=753748", "reference_id": "753748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753748" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1790", "reference_id": "RHSA-2011:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1790" }, { "reference_url": "https://usn.ubuntu.com/1290-1/", "reference_id": "USN-1290-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1290-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-1530" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wng4-f8sk-kqg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57847?format=api", "vulnerability_id": "VCID-yuur-7md8-skcv", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0345.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0345.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/nas_advisory1.asc" }, { "reference_url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970", "reference_id": "", "reference_type": "", "scores": [], "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=7970" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136360.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0439.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90011", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89956", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89971", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0527", "scoring_system": "epss", "scoring_elements": "0.90014", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345" }, { "reference_url": "http://secunia.com/advisories/59102", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59102" }, { "reference_url": "http://secunia.com/advisories/60082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60082" }, { "reference_url": "http://secunia.com/advisories/60448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60448" }, { "reference_url": "http://secunia.com/advisories/61051", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61051" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95210" }, { "reference_url": "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b" }, { "reference_url": "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc" }, { "reference_url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15561.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3000", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3000" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:165" }, { "reference_url": "http://www.osvdb.org/109389", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109389" }, { "reference_url": "http://www.securityfocus.com/bid/69160", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/69160" }, { "reference_url": "http://www.securitytracker.com/id/1030706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1030706" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121877", "reference_id": "1121877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121877" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521", "reference_id": "755521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4344", "reference_id": "CVE-2014-4344", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1245", "reference_id": "RHSA-2014:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1389", "reference_id": "RHSA-2014:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0439", "reference_id": "RHSA-2015:0439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0439" }, { "reference_url": "https://usn.ubuntu.com/2310-1/", "reference_id": "USN-2310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035812?format=api", "purl": "pkg:deb/debian/krb5@1.12.1%2Bdfsg-19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19" } ], "aliases": [ "CVE-2014-4344" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yuur-7md8-skcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62448?format=api", "vulnerability_id": "VCID-yw2r-vw2q-vffp", "summary": "Multiple vulnerabilities have been found in MIT Kerberos 5, the\n most severe of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1529.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84897", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84913", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84931", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84958", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84965", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84979", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84975", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84996", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84998", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02376", "scoring_system": "epss", "scoring_elements": "0.84995", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367", "reference_id": "646367", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711", "reference_id": "737711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737711" }, { "reference_url": "https://security.gentoo.org/glsa/201201-13", "reference_id": "GLSA-201201-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201201-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1379", "reference_id": "RHSA-2011:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1379" }, { "reference_url": "https://usn.ubuntu.com/1233-1/", "reference_id": "USN-1233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571235?format=api", "purl": "pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2r88-c5e9-vffv" }, { "vulnerability": "VCID-3362-hawt-17ek" }, { "vulnerability": "VCID-3du2-evy8-jfa1" }, { "vulnerability": "VCID-4e9j-8vtc-tbda" }, { "vulnerability": "VCID-51sv-1nva-eqey" }, { "vulnerability": "VCID-5np7-5bb3-wbfx" }, { "vulnerability": "VCID-81qw-myh7-pbdj" }, { "vulnerability": "VCID-8rxc-tf1r-wqgm" }, { "vulnerability": "VCID-8yk4-du7p-eue4" }, { "vulnerability": "VCID-97k8-xbsv-87da" }, { "vulnerability": "VCID-985p-gnv3-mfd8" }, { "vulnerability": "VCID-9d6t-z5dr-yqgy" }, { "vulnerability": "VCID-9hyk-mdvc-1baq" }, { "vulnerability": "VCID-a9bp-26kx-p7cb" }, { "vulnerability": "VCID-bnpa-8svd-jyct" }, { "vulnerability": "VCID-bwpn-qxzd-43g8" }, { "vulnerability": "VCID-caxe-5ejt-ffgy" }, { "vulnerability": "VCID-d1a1-yfu1-kuaz" }, { "vulnerability": "VCID-dzr3-ncxx-jkck" }, { "vulnerability": "VCID-fd9s-vn5s-gud6" }, { "vulnerability": "VCID-fg2w-sjkb-ebgb" }, { "vulnerability": "VCID-h9q8-x3n3-6qdn" }, { "vulnerability": "VCID-j6tv-fz95-3kb8" }, { "vulnerability": "VCID-jask-8b2h-p3h8" }, { "vulnerability": "VCID-ka4c-q3hq-6fe3" }, { "vulnerability": "VCID-khdw-3p5j-vya6" }, { "vulnerability": "VCID-ktam-mx9t-jqa2" }, { "vulnerability": "VCID-q2tg-s1kk-4bhc" }, { "vulnerability": "VCID-qcva-cb6c-wyds" }, { "vulnerability": "VCID-qzt5-fxf1-huff" }, { "vulnerability": "VCID-r1wa-3gtw-1qey" }, { "vulnerability": "VCID-rmt9-dmmb-kkec" }, { "vulnerability": "VCID-rpxk-f19y-87dq" }, { "vulnerability": "VCID-sgnn-emh7-kqgh" }, { "vulnerability": "VCID-tsuu-f1qk-jygu" }, { "vulnerability": "VCID-u9bx-kfz1-nbcq" }, { "vulnerability": "VCID-vr9b-gwxs-fqgg" }, { "vulnerability": "VCID-w6yc-w573-vbhy" }, { "vulnerability": "VCID-yuur-7md8-skcv" }, { "vulnerability": "VCID-z6ca-snvn-jyh9" }, { "vulnerability": "VCID-zw66-w86u-cuge" }, { "vulnerability": "VCID-zx87-dep4-8bg2" }, { "vulnerability": "VCID-zxvf-pz4q-myey" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" } ], "aliases": [ "CVE-2011-1529" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yw2r-vw2q-vffp" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7" }