{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","type":"deb","namespace":"debian","name":"samba","version":"2:4.24.3+dfsg-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100591?format=json","vulnerability_id":"VCID-15n7-fxw3-pbdy","summary":"Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0201.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0201","reference_id":"","reference_type":"","scores":[{"value":"0.88428","scoring_system":"epss","scoring_elements":"0.99517","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0201"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617002","reference_id":"1617002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617002"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd_x86/remote/16880.rb","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd_x86/remote/16880.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/16861.rb","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/16861.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx_ppc/remote/16876.rb","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx_ppc/remote/16876.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/remote/9924.rb","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/remote/9924.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris_sparc/remote/16330.rb","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris_sparc/remote/16330.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22468.c","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22468.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22469.c","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22469.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22470.c","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22470.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22471.txt","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22471.txt"},{"reference_url":"https://www.securityfocus.com/bid/7294/info","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7294/info"},{"reference_url":"http://www.digitaldefense.net/labs/advisories/DDI-1013.txt","reference_id":"CVE-2003-0201;OSVDB-4469","reference_type":"exploit","scores":[],"url":"http://www.digitaldefense.net/labs/advisories/DDI-1013.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/55.c","reference_id":"OSVDB-4469;CVE-2003-0201","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/55.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/7.pl","reference_id":"OSVDB-4469;CVE-2003-0201","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/7.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10.c","reference_id":"OSVDB-4469;CVE-2003-0201","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:137","reference_id":"RHSA-2003:137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:138","reference_id":"RHSA-2003:138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:226","reference_id":"RHSA-2003:226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128373?format=json","purl":"pkg:deb/debian/samba@3.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2003-0201"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-15n7-fxw3-pbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100683?format=json","vulnerability_id":"VCID-1bsd-u791-43dm","summary":"It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15085.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15085","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.5154","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15085"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505787","reference_id":"1505787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3110","reference_id":"RHSA-2017:3110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15085"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bsd-u791-43dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100694?format=json","vulnerability_id":"VCID-1drk-e3vx-wbe8","summary":"A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1139","reference_id":"","reference_type":"","scores":[{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82164","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589651","reference_id":"1589651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589651"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2612","reference_id":"RHSA-2018:2612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2613","reference_id":"RHSA-2018:2613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3056","reference_id":"RHSA-2018:3056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3056"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128457?format=json","purl":"pkg:deb/debian/samba@2:4.8.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.8.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1139"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-e3vx-wbe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100612?format=json","vulnerability_id":"VCID-1k7z-b2yr-xug1","summary":"Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2446.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2446.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2446","reference_id":"","reference_type":"","scores":[{"value":"0.89173","scoring_system":"epss","scoring_elements":"0.99552","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2446"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239429","reference_id":"239429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239429"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16859.rb","reference_id":"CVE-2007-2446;OSVDB-34699","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16859.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/9950.rb","reference_id":"CVE-2007-2446;OSVDB-34699","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/9950.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/remote/16875.rb","reference_id":"CVE-2007-2446;OSVDB-34699","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/remote/16875.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/16329.rb","reference_id":"CVE-2007-2446;OSVDB-34699","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/16329.rb"},{"reference_url":"https://security.gentoo.org/glsa/200705-15","reference_id":"GLSA-200705-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0354","reference_id":"RHSA-2007:0354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0354"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128396?format=json","purl":"pkg:deb/debian/samba@3.0.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2446"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1k7z-b2yr-xug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100588?format=json","vulnerability_id":"VCID-1yxs-gcxx-yqc3","summary":"Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0085.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0085","reference_id":"","reference_type":"","scores":[{"value":"0.86073","scoring_system":"epss","scoring_elements":"0.99409","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0085"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616963","reference_id":"1616963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616963"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16321.rb","reference_id":"CVE-2003-0085;OSVDB-6323","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16321.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/9936.rb","reference_id":"CVE-2003-0085;OSVDB-6323","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/9936.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22356.c","reference_id":"CVE-2003-0085;OSVDB-6323","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/22356.c"},{"reference_url":"https://www.securityfocus.com/bid/7106/info","reference_id":"CVE-2003-0085;OSVDB-6323","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7106/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:095","reference_id":"RHSA-2003:095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:096","reference_id":"RHSA-2003:096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:226","reference_id":"RHSA-2003:226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128371?format=json","purl":"pkg:deb/debian/samba@2.2.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2003-0085"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yxs-gcxx-yqc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3643?format=json","vulnerability_id":"VCID-1yzz-fu2r-rqgy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44142","reference_id":"","reference_type":"","scores":[{"value":"0.35695","scoring_system":"epss","scoring_elements":"0.97161","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693","reference_id":"1004693","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046146","reference_id":"2046146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046146"},{"reference_url":"https://security.archlinux.org/AVG-2648","reference_id":"AVG-2648","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2648"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0328","reference_id":"RHSA-2022:0328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0329","reference_id":"RHSA-2022:0329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0330","reference_id":"RHSA-2022:0330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0331","reference_id":"RHSA-2022:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0332","reference_id":"RHSA-2022:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0457","reference_id":"RHSA-2022:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0458","reference_id":"RHSA-2022:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0663","reference_id":"RHSA-2022:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0664","reference_id":"RHSA-2022:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128493?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44142"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6202?format=json","vulnerability_id":"VCID-26vq-jj49-byez","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16841","reference_id":"","reference_type":"","scores":[{"value":"0.09452","scoring_system":"epss","scoring_elements":"0.92965","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642545","reference_id":"1642545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642545"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16841"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26vq-jj49-byez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100708?format=json","vulnerability_id":"VCID-2f2r-y1tw-pyeq","summary":"All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with \"log level = 3\" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14907","reference_id":"","reference_type":"","scores":[{"value":"0.10242","scoring_system":"epss","scoring_elements":"0.93286","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791207","reference_id":"1791207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791207"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0943","reference_id":"RHSA-2020:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1878","reference_id":"RHSA-2020:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3981","reference_id":"RHSA-2020:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3981"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128467?format=json","purl":"pkg:deb/debian/samba@2:4.11.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14907"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2r-y1tw-pyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100640?format=json","vulnerability_id":"VCID-2sjk-5zvq-kbap","summary":"The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1182.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1182.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1182","reference_id":"","reference_type":"","scores":[{"value":"0.7855","scoring_system":"epss","scoring_elements":"0.99061","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1182"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309","reference_id":"668309","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668309"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=804093","reference_id":"804093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=804093"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21850.rb","reference_id":"CVE-2012-1182;OSVDB-81303","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/21850.rb"},{"reference_url":"http://www.zerodayinitiative.com/advisories/ZDI-12-069/","reference_id":"CVE-2012-1182;OSVDB-81303","reference_type":"exploit","scores":[],"url":"http://www.zerodayinitiative.com/advisories/ZDI-12-069/"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0465","reference_id":"RHSA-2012:0465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0466","reference_id":"RHSA-2012:0466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0478","reference_id":"RHSA-2012:0478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0506","reference_id":"RHSA-2013:0506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0515","reference_id":"RHSA-2013:0515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0515"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128417?format=json","purl":"pkg:deb/debian/samba@2:3.6.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-1182"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2sjk-5zvq-kbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6201?format=json","vulnerability_id":"VCID-35qh-y7xf-nkdn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16851","reference_id":"","reference_type":"","scores":[{"value":"0.08925","scoring_system":"epss","scoring_elements":"0.92732","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646377","reference_id":"1646377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646377"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16851"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35qh-y7xf-nkdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4311?format=json","vulnerability_id":"VCID-3ddh-cm8f-nuf2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1050","reference_id":"","reference_type":"","scores":[{"value":"0.19654","scoring_system":"epss","scoring_elements":"0.95539","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1538771","reference_id":"1538771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1538771"},{"reference_url":"https://security.archlinux.org/ASA-201803-10","reference_id":"ASA-201803-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-10"},{"reference_url":"https://security.archlinux.org/AVG-651","reference_id":"AVG-651","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-651"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1860","reference_id":"RHSA-2018:1860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1883","reference_id":"RHSA-2018:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2612","reference_id":"RHSA-2018:2612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2613","reference_id":"RHSA-2018:2613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3056","reference_id":"RHSA-2018:3056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3056"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128455?format=json","purl":"pkg:deb/debian/samba@2:4.7.4%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.7.4%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1050"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100604?format=json","vulnerability_id":"VCID-3dxq-ge62-hfdm","summary":"Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2546.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2546","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72269","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2546"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128385?format=json","purl":"pkg:deb/debian/samba@3.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-2546"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3dxq-ge62-hfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100617?format=json","vulnerability_id":"VCID-3vh9-a365-pqhy","summary":"Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the \"domain logons\" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON logon request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6015.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6015","reference_id":"","reference_type":"","scores":[{"value":"0.48861","scoring_system":"epss","scoring_elements":"0.97817","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=396401","reference_id":"396401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=396401"},{"reference_url":"http://secunia.com/secunia_research/2007-99/advisory/","reference_id":"OSVDB-39191;CVE-2007-6015","reference_type":"exploit","scores":[],"url":"http://secunia.com/secunia_research/2007-99/advisory/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/4732.c","reference_id":"OSVDB-39191;CVE-2007-6015","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/4732.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1114","reference_id":"RHSA-2007:1114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1117","reference_id":"RHSA-2007:1117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1117"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128399?format=json","purl":"pkg:deb/debian/samba@3.0.28-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.28-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-6015"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vh9-a365-pqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100678?format=json","vulnerability_id":"VCID-44hn-cr8c-akft","summary":"It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce \"SMB signing\" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12150","reference_id":"","reference_type":"","scores":[{"value":"0.221","scoring_system":"epss","scoring_elements":"0.95897","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12150"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488400","reference_id":"1488400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2789","reference_id":"RHSA-2017:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2790","reference_id":"RHSA-2017:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2791","reference_id":"RHSA-2017:2791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2858","reference_id":"RHSA-2017:2858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128445?format=json","purl":"pkg:deb/debian/samba@2:4.6.7%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.6.7%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-12150"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44hn-cr8c-akft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100629?format=json","vulnerability_id":"VCID-48wp-kk4y-ekfc","summary":"client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0787.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0787","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6221","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0787"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567554","reference_id":"567554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=577277","reference_id":"577277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=577277"},{"reference_url":"https://security.gentoo.org/glsa/201206-29","reference_id":"GLSA-201206-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128406?format=json","purl":"pkg:deb/debian/samba@2:3.4.5~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.5~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0787"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48wp-kk4y-ekfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92321?format=json","vulnerability_id":"VCID-4by1-xwe3-cubx","summary":"samba: AD DC Busy RPC multiple listener DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42670.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42670.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241885","reference_id":"2241885","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241885"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128506?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128507?format=json","purl":"pkg:deb/debian/samba@2:4.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42670"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4by1-xwe3-cubx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64923?format=json","vulnerability_id":"VCID-4h99-zsd9-5ke4","summary":"The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2724.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2724.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2724","reference_id":"","reference_type":"","scores":[{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78967","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2724"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=726691","reference_id":"726691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=726691"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1220","reference_id":"RHSA-2011:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1221","reference_id":"RHSA-2011:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128414?format=json","purl":"pkg:deb/debian/samba@2:3.4.7~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.7~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2724"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4h99-zsd9-5ke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100665?format=json","vulnerability_id":"VCID-4pjr-6tfv-hqgu","summary":"The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7540","reference_id":"","reference_type":"","scores":[{"value":"0.39597","scoring_system":"epss","scoring_elements":"0.97384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1288451","reference_id":"1288451","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1288451"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-7540"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjr-6tfv-hqgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100603?format=json","vulnerability_id":"VCID-4t9d-yycr-fqhy","summary":"Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1154.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1154.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1154","reference_id":"","reference_type":"","scores":[{"value":"0.27766","scoring_system":"epss","scoring_elements":"0.96544","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1154"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617382","reference_id":"1617382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:670","reference_id":"RHSA-2004:670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:681","reference_id":"RHSA-2004:681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:020","reference_id":"RHSA-2005:020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:020"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128389?format=json","purl":"pkg:deb/debian/samba@3.0.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-1154"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4t9d-yycr-fqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72439?format=json","vulnerability_id":"VCID-53zv-2nms-e3da","summary":"Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11103","reference_id":"","reference_type":"","scores":[{"value":"0.05637","scoring_system":"epss","scoring_elements":"0.9051","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11103"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469976","reference_id":"1469976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469976"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208","reference_id":"868208","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209","reference_id":"868209","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128444?format=json","purl":"pkg:deb/debian/samba@2:4.6.5%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.6.5%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-11103"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53zv-2nms-e3da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100658?format=json","vulnerability_id":"VCID-548z-f1hq-4ffh","summary":"NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in string_wrappers.h.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3560","reference_id":"","reference_type":"","scores":[{"value":"0.71948","scoring_system":"epss","scoring_elements":"0.98763","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1126010","reference_id":"1126010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1126010"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756759","reference_id":"756759","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1008","reference_id":"RHSA-2014:1008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128435?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3560"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-548z-f1hq-4ffh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95276?format=json","vulnerability_id":"VCID-5e5h-6dg4-ryd4","summary":"samba: infinite loop in mdssvc RPC service for spotlight","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222793","reference_id":"2222793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222793"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6667","reference_id":"RHSA-2023:6667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7139","reference_id":"RHSA-2023:7139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0423","reference_id":"RHSA-2024:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0580","reference_id":"RHSA-2024:0580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4101","reference_id":"RHSA-2024:4101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4101"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128498?format=json","purl":"pkg:deb/debian/samba@2:4.17.10%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.10%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128499?format=json","purl":"pkg:deb/debian/samba@2:4.18.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.18.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-34966"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5e5h-6dg4-ryd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75222?format=json","vulnerability_id":"VCID-5tc4-e6tj-3qfa","summary":"A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20277.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20277.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20277","reference_id":"","reference_type":"","scores":[{"value":"0.09838","scoring_system":"epss","scoring_elements":"0.93121","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20277"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941402","reference_id":"1941402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941402"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985935","reference_id":"985935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985935"},{"reference_url":"https://security.archlinux.org/AVG-1732","reference_id":"AVG-1732","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1732"},{"reference_url":"https://security.archlinux.org/AVG-1734","reference_id":"AVG-1734","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1734"},{"reference_url":"https://security.gentoo.org/glsa/202105-22","reference_id":"GLSA-202105-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1072","reference_id":"RHSA-2021:1072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1197","reference_id":"RHSA-2021:1197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1213","reference_id":"RHSA-2021:1213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1214","reference_id":"RHSA-2021:1214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2331","reference_id":"RHSA-2021:2331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2786","reference_id":"RHSA-2021:2786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2786"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128486?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-20277"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tc4-e6tj-3qfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7023?format=json","vulnerability_id":"VCID-5tub-1spq-b7c7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25719","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43839","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019732","reference_id":"2019732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019732"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5142","reference_id":"RHSA-2021:5142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5195","reference_id":"RHSA-2021:5195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0007","reference_id":"RHSA-2022:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0076","reference_id":"RHSA-2022:0076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0076"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25719"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tub-1spq-b7c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100692?format=json","vulnerability_id":"VCID-5uh7-w6s9-47gr","summary":"The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10919","reference_id":"","reference_type":"","scores":[{"value":"0.01373","scoring_system":"epss","scoring_elements":"0.80567","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10919"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610645","reference_id":"1610645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610645"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128457?format=json","purl":"pkg:deb/debian/samba@2:4.8.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.8.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5uh7-w6s9-47gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100624?format=json","vulnerability_id":"VCID-5xej-61wz-mbc6","summary":"Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2813.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2813","reference_id":"","reference_type":"","scores":[{"value":"0.00847","scoring_system":"epss","scoring_elements":"0.75201","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2813"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=523752","reference_id":"523752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=523752"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550422","reference_id":"550422","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1529","reference_id":"RHSA-2009:1529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1585","reference_id":"RHSA-2009:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128405?format=json","purl":"pkg:deb/debian/samba@2:3.4.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2813"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xej-61wz-mbc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6390?format=json","vulnerability_id":"VCID-688u-s2a3-8fha","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15275","reference_id":"","reference_type":"","scores":[{"value":"0.4327","scoring_system":"epss","scoring_elements":"0.97572","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1512465","reference_id":"1512465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1512465"},{"reference_url":"https://security.archlinux.org/ASA-201712-1","reference_id":"ASA-201712-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-1"},{"reference_url":"https://security.archlinux.org/AVG-535","reference_id":"AVG-535","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-535"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3260","reference_id":"RHSA-2017:3260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3261","reference_id":"RHSA-2017:3261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3278","reference_id":"RHSA-2017:3278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128446?format=json","purl":"pkg:deb/debian/samba@2:4.7.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.7.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15275"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75219?format=json","vulnerability_id":"VCID-68mw-cr8k-qfgs","summary":"ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5330","reference_id":"","reference_type":"","scores":[{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.82196","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281326","reference_id":"1281326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281326"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0009","reference_id":"RHSA-2016:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0014","reference_id":"RHSA-2016:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5330"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100668?format=json","vulnerability_id":"VCID-6pd7-pxth-3faj","summary":"The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0771","reference_id":"","reference_type":"","scores":[{"value":"0.05663","scoring_system":"epss","scoring_elements":"0.90536","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309978","reference_id":"1309978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309978"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128439?format=json","purl":"pkg:deb/debian/samba@2:4.3.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-0771"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd7-pxth-3faj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100649?format=json","vulnerability_id":"VCID-6y1r-n3tf-qbfy","summary":"Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4475","reference_id":"","reference_type":"","scores":[{"value":"0.06902","scoring_system":"epss","scoring_elements":"0.91547","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024542","reference_id":"1024542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024542"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1806","reference_id":"RHSA-2013:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0009","reference_id":"RHSA-2014:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128425?format=json","purl":"pkg:deb/debian/samba@2:4.0.11%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.0.11%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4475"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6y1r-n3tf-qbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100655?format=json","vulnerability_id":"VCID-73fb-wuxr-2fa7","summary":"The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged response packet that triggers a communication loop, a related issue to CVE-1999-0103.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0239.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0239","reference_id":"","reference_type":"","scores":[{"value":"0.22157","scoring_system":"epss","scoring_elements":"0.95902","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101988","reference_id":"1101988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101988"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749845","reference_id":"749845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749845"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128428?format=json","purl":"pkg:deb/debian/samba@2:4.1.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0239"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73fb-wuxr-2fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100725?format=json","vulnerability_id":"VCID-76dk-atu1-ebbm","summary":"All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43566","reference_id":"","reference_type":"","scores":[{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5852","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43566"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691","reference_id":"1004691","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009676","reference_id":"2009676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009676"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128491?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-43566"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76dk-atu1-ebbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100602?format=json","vulnerability_id":"VCID-7dmk-ay48-pkct","summary":"The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0930.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0930","reference_id":"","reference_type":"","scores":[{"value":"0.06058","scoring_system":"epss","scoring_elements":"0.90896","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0930"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617324","reference_id":"1617324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:632","reference_id":"RHSA-2004:632","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128387?format=json","purl":"pkg:deb/debian/samba@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0930"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7dmk-ay48-pkct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100597?format=json","vulnerability_id":"VCID-7fwh-y82u-ybdd","summary":"Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0807","reference_id":"","reference_type":"","scores":[{"value":"0.09849","scoring_system":"epss","scoring_elements":"0.93125","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0807"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617297","reference_id":"1617297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:467","reference_id":"RHSA-2004:467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128377?format=json","purl":"pkg:deb/debian/samba@3.0.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0807"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fwh-y82u-ybdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100720?format=json","vulnerability_id":"VCID-7n9k-74nf-ayah","summary":"A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25720.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25720","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42808","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305954","reference_id":"2305954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2305954"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128483?format=json","purl":"pkg:deb/debian/samba@2:4.17.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25720"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7n9k-74nf-ayah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100715?format=json","vulnerability_id":"VCID-7q6r-9cgn-5kfp","summary":"A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14318","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36232","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14318"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1892631","reference_id":"1892631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1892631"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400","reference_id":"973400","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400"},{"reference_url":"https://security.gentoo.org/glsa/202012-24","reference_id":"GLSA-202012-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5439","reference_id":"RHSA-2020:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1647","reference_id":"RHSA-2021:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3723","reference_id":"RHSA-2021:3723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128479?format=json","purl":"pkg:deb/debian/samba@2:4.13.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14318"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6r-9cgn-5kfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72449?format=json","vulnerability_id":"VCID-7rsk-suge-a7b4","summary":"Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44640","reference_id":"","reference_type":"","scores":[{"value":"0.01611","scoring_system":"epss","scoring_elements":"0.82104","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187","reference_id":"1024187","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187"},{"reference_url":"https://security.gentoo.org/glsa/202310-06","reference_id":"GLSA-202310-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128502?format=json","purl":"pkg:deb/debian/samba@2:4.17.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-44640"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7rsk-suge-a7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100657?format=json","vulnerability_id":"VCID-82sk-6wse-qkbh","summary":"The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3493","reference_id":"","reference_type":"","scores":[{"value":"0.02413","scoring_system":"epss","scoring_elements":"0.85384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108748","reference_id":"1108748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108748"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0866","reference_id":"RHSA-2014:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128434?format=json","purl":"pkg:deb/debian/samba@2:4.1.9%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3493"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82sk-6wse-qkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100627?format=json","vulnerability_id":"VCID-84jf-xy5a-yqfw","summary":"client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0547.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0547.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0547","reference_id":"","reference_type":"","scores":[{"value":"0.01967","scoring_system":"epss","scoring_elements":"0.8385","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=562156","reference_id":"562156","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=562156"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568942","reference_id":"568942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568942"},{"reference_url":"https://security.gentoo.org/glsa/201206-29","reference_id":"GLSA-201206-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128406?format=json","purl":"pkg:deb/debian/samba@2:3.4.5~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.5~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0547"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84jf-xy5a-yqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100643?format=json","vulnerability_id":"VCID-85f1-s2xy-vkbe","summary":"Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging (1) objectClass access by a user, (2) objectClass access by a group, or (3) write access to an attribute.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0172.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0172.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0172","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0172"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895631","reference_id":"895631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895631"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0172"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-85f1-s2xy-vkbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100660?format=json","vulnerability_id":"VCID-8hfr-fp5z-s3c1","summary":"The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0240","reference_id":"","reference_type":"","scores":[{"value":"0.90696","scoring_system":"epss","scoring_elements":"0.99637","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191325","reference_id":"1191325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191325"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033","reference_id":"779033","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py","reference_id":"CVE-2015-0240;OSVDB-118637","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0249","reference_id":"RHSA-2015:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0250","reference_id":"RHSA-2015:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0251","reference_id":"RHSA-2015:0251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0252","reference_id":"RHSA-2015:0252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0253","reference_id":"RHSA-2015:0253","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0253"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0254","reference_id":"RHSA-2015:0254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0255","reference_id":"RHSA-2015:0255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0256","reference_id":"RHSA-2015:0256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0257","reference_id":"RHSA-2015:0257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0257"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128436?format=json","purl":"pkg:deb/debian/samba@2:4.1.17%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.17%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-0240"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfr-fp5z-s3c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92318?format=json","vulnerability_id":"VCID-8jp7-e281-tqha","summary":"samba: AD DC password exposure to privileged users and RODCs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4154.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4154.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241883","reference_id":"2241883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241883"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128506?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128507?format=json","purl":"pkg:deb/debian/samba@2:4.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4154"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jp7-e281-tqha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100635?format=json","vulnerability_id":"VCID-8m9d-vzmn-cqcr","summary":"Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0719.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0719.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0719","reference_id":"","reference_type":"","scores":[{"value":"0.10347","scoring_system":"epss","scoring_elements":"0.93324","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0719"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=678328","reference_id":"678328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=678328"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0305","reference_id":"RHSA-2011:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0306","reference_id":"RHSA-2011:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0306"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128413?format=json","purl":"pkg:deb/debian/samba@2:3.5.7~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.5.7~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-0719"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8m9d-vzmn-cqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100590?format=json","vulnerability_id":"VCID-8n5r-u3uc-dkaz","summary":"Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0196.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0196","reference_id":"","reference_type":"","scores":[{"value":"0.05111","scoring_system":"epss","scoring_elements":"0.90008","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0196"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617001","reference_id":"1617001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:137","reference_id":"RHSA-2003:137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:138","reference_id":"RHSA-2003:138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:226","reference_id":"RHSA-2003:226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128373?format=json","purl":"pkg:deb/debian/samba@3.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2003-0196"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8n5r-u3uc-dkaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100634?format=json","vulnerability_id":"VCID-8q5z-24mn-1uds","summary":"Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3069.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3069.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3069","reference_id":"","reference_type":"","scores":[{"value":"0.15227","scoring_system":"epss","scoring_elements":"0.94735","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596891","reference_id":"596891","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=630869","reference_id":"630869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=630869"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0697","reference_id":"RHSA-2010:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0698","reference_id":"RHSA-2010:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0860","reference_id":"RHSA-2010:0860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128412?format=json","purl":"pkg:deb/debian/samba@2:3.5.5~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.5.5~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3069"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8q5z-24mn-1uds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100675?format=json","vulnerability_id":"VCID-8tyg-f73c-zuh3","summary":"Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2115","reference_id":"","reference_type":"","scores":[{"value":"0.22744","scoring_system":"epss","scoring_elements":"0.95973","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312084","reference_id":"1312084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312084"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2115"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95290?format=json","vulnerability_id":"VCID-8yhb-ghew-b3bw","summary":"samba: spotlight server-side share path disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222795","reference_id":"2222795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222795"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6667","reference_id":"RHSA-2023:6667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7139","reference_id":"RHSA-2023:7139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0423","reference_id":"RHSA-2024:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0580","reference_id":"RHSA-2024:0580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0580"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128498?format=json","purl":"pkg:deb/debian/samba@2:4.17.10%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.10%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128499?format=json","purl":"pkg:deb/debian/samba@2:4.18.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.18.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-34968"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8yhb-ghew-b3bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3529?format=json","vulnerability_id":"VCID-8yq8-wp1b-p7gt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37967.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37967","reference_id":"","reference_type":"","scores":[{"value":"0.02981","scoring_system":"epss","scoring_elements":"0.86785","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37967"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154320","reference_id":"2154320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154320"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128502?format=json","purl":"pkg:deb/debian/samba@2:4.17.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-37967"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8yq8-wp1b-p7gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5845?format=json","vulnerability_id":"VCID-8ztz-2n8a-gqbm","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10730","reference_id":"","reference_type":"","scores":[{"value":"0.03789","scoring_system":"epss","scoring_elements":"0.88279","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849489","reference_id":"1849489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849489"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3118","reference_id":"RHSA-2020:3118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3119","reference_id":"RHSA-2020:3119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4568","reference_id":"RHSA-2020:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4568"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128476?format=json","purl":"pkg:deb/debian/samba@2:4.12.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10730"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6199?format=json","vulnerability_id":"VCID-92g2-se8k-ybh5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16853","reference_id":"","reference_type":"","scores":[{"value":"0.04908","scoring_system":"epss","scoring_elements":"0.89783","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1647246","reference_id":"1647246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1647246"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16853"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92g2-se8k-ybh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100666?format=json","vulnerability_id":"VCID-94d3-5rgf-x3dh","summary":"The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7560","reference_id":"","reference_type":"","scores":[{"value":"0.03995","scoring_system":"epss","scoring_elements":"0.88627","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309992","reference_id":"1309992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0447","reference_id":"RHSA-2016:0447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0448","reference_id":"RHSA-2016:0448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0449","reference_id":"RHSA-2016:0449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128439?format=json","purl":"pkg:deb/debian/samba@2:4.3.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-7560"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100722?format=json","vulnerability_id":"VCID-95dq-xd5m-judz","summary":"A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20254","reference_id":"","reference_type":"","scores":[{"value":"0.01764","scoring_system":"epss","scoring_elements":"0.82966","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20254"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949442","reference_id":"1949442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949442"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811","reference_id":"987811","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811"},{"reference_url":"https://security.archlinux.org/AVG-1893","reference_id":"AVG-1893","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1893"},{"reference_url":"https://security.gentoo.org/glsa/202105-22","reference_id":"GLSA-202105-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2313","reference_id":"RHSA-2021:2313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2313"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3723","reference_id":"RHSA-2021:3723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3724","reference_id":"RHSA-2021:3724","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3988","reference_id":"RHSA-2021:3988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4058","reference_id":"RHSA-2021:4058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4866","reference_id":"RHSA-2021:4866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4866"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128488?format=json","purl":"pkg:deb/debian/samba@2:4.13.5%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.5%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-20254"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95dq-xd5m-judz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4862?format=json","vulnerability_id":"VCID-9bk5-pgap-1khn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32744","reference_id":"","reference_type":"","scores":[{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.67016","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32744"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449","reference_id":"1016449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108205","reference_id":"2108205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108205"},{"reference_url":"https://security.archlinux.org/AVG-2782","reference_id":"AVG-2782","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2782"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128497?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128496?format=json","purl":"pkg:deb/debian/samba@2:4.16.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32744"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9bk5-pgap-1khn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100632?format=json","vulnerability_id":"VCID-9ch7-2sqv-m7b9","summary":"The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1642.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1642","reference_id":"","reference_type":"","scores":[{"value":"0.05054","scoring_system":"epss","scoring_elements":"0.89945","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1642"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=594921","reference_id":"594921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=594921"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128410?format=json","purl":"pkg:deb/debian/samba@2:3.5.4~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.5.4~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-1642"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ch7-2sqv-m7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92319?format=json","vulnerability_id":"VCID-9cv8-xnmm-cyh8","summary":"samba: \"rpcecho\" development server allows denial of service via sleep() call on AD DC","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42669.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42669.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241884","reference_id":"2241884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241884"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6209","reference_id":"RHSA-2023:6209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6744","reference_id":"RHSA-2023:6744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7371","reference_id":"RHSA-2023:7371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7408","reference_id":"RHSA-2023:7408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7464","reference_id":"RHSA-2023:7464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7467","reference_id":"RHSA-2023:7467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128506?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128507?format=json","purl":"pkg:deb/debian/samba@2:4.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42669"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cv8-xnmm-cyh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100593?format=json","vulnerability_id":"VCID-9frz-rgd4-ekdx","summary":"The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0082.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0082","reference_id":"","reference_type":"","scores":[{"value":"0.02082","scoring_system":"epss","scoring_elements":"0.84307","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0082"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617143","reference_id":"1617143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:064","reference_id":"RHSA-2004:064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128377?format=json","purl":"pkg:deb/debian/samba@3.0.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0082"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9frz-rgd4-ekdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100638?format=json","vulnerability_id":"VCID-9j2y-cra5-8bdc","summary":"Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0817","reference_id":"","reference_type":"","scores":[{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0817"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785746","reference_id":"785746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128416?format=json","purl":"pkg:deb/debian/samba@2:3.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-0817"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9j2y-cra5-8bdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59300?format=json","vulnerability_id":"VCID-9kyr-nxjs-xkaw","summary":"samba: vfs_worm does not block directory modification","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2340.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2340.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447318","reference_id":"2447318","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22963","reference_id":"RHSA-2026:22963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-2340"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kyr-nxjs-xkaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100637?format=json","vulnerability_id":"VCID-a7b1-q34r-9qaj","summary":"Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2694.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2694","reference_id":"","reference_type":"","scores":[{"value":"0.02323","scoring_system":"epss","scoring_elements":"0.85099","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2694"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=722537","reference_id":"722537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=722537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1220","reference_id":"RHSA-2011:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1221","reference_id":"RHSA-2011:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128415?format=json","purl":"pkg:deb/debian/samba@2:3.5.10~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.5.10~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2694"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7b1-q34r-9qaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100636?format=json","vulnerability_id":"VCID-abzu-mfgh-27ew","summary":"Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2522.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2522","reference_id":"","reference_type":"","scores":[{"value":"0.17507","scoring_system":"epss","scoring_elements":"0.95201","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2522"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=721348","reference_id":"721348","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=721348"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/17577.txt","reference_id":"CVE-2011-2522;OSVDB-74071","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/17577.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1220","reference_id":"RHSA-2011:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1221","reference_id":"RHSA-2011:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128415?format=json","purl":"pkg:deb/debian/samba@2:3.5.10~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.5.10~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2522"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-abzu-mfgh-27ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100729?format=json","vulnerability_id":"VCID-afjh-h9hy-u7dz","summary":"Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32743.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32743","reference_id":"","reference_type":"","scores":[{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32743"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021022","reference_id":"1021022","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021022"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2121128","reference_id":"2121128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2121128"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128487?format=json","purl":"pkg:deb/debian/samba@2:4.17.2%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.2%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32743"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afjh-h9hy-u7dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6552?format=json","vulnerability_id":"VCID-apjj-ezss-a3hj","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7494","reference_id":"","reference_type":"","scores":[{"value":"0.94176","scoring_system":"epss","scoring_elements":"0.99922","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450347","reference_id":"1450347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450347"},{"reference_url":"https://security.archlinux.org/ASA-201705-22","reference_id":"ASA-201705-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201705-22"},{"reference_url":"https://security.archlinux.org/AVG-279","reference_id":"AVG-279","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-279"},{"reference_url":"https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1270","reference_id":"RHSA-2017:1270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1271","reference_id":"RHSA-2017:1271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1272","reference_id":"RHSA-2017:1272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1273","reference_id":"RHSA-2017:1273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1390","reference_id":"RHSA-2017:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1390"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128451?format=json","purl":"pkg:deb/debian/samba@2:4.5.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.8%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7494"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apjj-ezss-a3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73521?format=json","vulnerability_id":"VCID-atg1-qx5q-hfdu","summary":"samba: Command Injection in WINS Server Hook Script","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10230.json","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10230.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394377","reference_id":"2394377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128511?format=json","purl":"pkg:deb/debian/samba@2:4.22.6%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.6%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128510?format=json","purl":"pkg:deb/debian/samba@2:4.23.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.23.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-10230"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atg1-qx5q-hfdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4860?format=json","vulnerability_id":"VCID-aza7-wkqb-m7h1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32746","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58992","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32746"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449","reference_id":"1016449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108215","reference_id":"2108215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108215"},{"reference_url":"https://security.archlinux.org/AVG-2782","reference_id":"AVG-2782","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2782"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7730","reference_id":"RHSA-2022:7730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8318","reference_id":"RHSA-2022:8318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8318"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128497?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128496?format=json","purl":"pkg:deb/debian/samba@2:4.16.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32746"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aza7-wkqb-m7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100653?format=json","vulnerability_id":"VCID-b1ja-e7jm-gbhc","summary":"Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0178","reference_id":"","reference_type":"","scores":[{"value":"0.02302","scoring_system":"epss","scoring_elements":"0.85036","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101992","reference_id":"1101992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101992"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128428?format=json","purl":"pkg:deb/debian/samba@2:4.1.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0178"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1ja-e7jm-gbhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72445?format=json","vulnerability_id":"VCID-b843-h976-aqhr","summary":"A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3671","reference_id":"","reference_type":"","scores":[{"value":"0.05139","scoring_system":"epss","scoring_elements":"0.90036","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3671"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2013080","reference_id":"2013080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2013080"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586","reference_id":"996586","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586"},{"reference_url":"https://security.archlinux.org/AVG-2418","reference_id":"AVG-2418","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2418"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128490?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128486?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-3671"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b843-h976-aqhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4668?format=json","vulnerability_id":"VCID-b9y4-s6nz-kkby","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2123","reference_id":"","reference_type":"","scores":[{"value":"0.00863","scoring_system":"epss","scoring_elements":"0.75432","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1392702","reference_id":"1392702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1392702"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128441?format=json","purl":"pkg:deb/debian/samba@2:4.5.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2123"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9y4-s6nz-kkby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100595?format=json","vulnerability_id":"VCID-bbx4-2d6h-e3bb","summary":"Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0600.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0600","reference_id":"","reference_type":"","scores":[{"value":"0.59614","scoring_system":"epss","scoring_elements":"0.98284","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0600"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617238","reference_id":"1617238","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617238"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260838","reference_id":"260838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260838"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/364.pl","reference_id":"OSVDB-8190;CVE-2004-0600","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/364.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:259","reference_id":"RHSA-2004:259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:259"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128381?format=json","purl":"pkg:deb/debian/samba@3.0.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0600"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbx4-2d6h-e3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100621?format=json","vulnerability_id":"VCID-berd-61rd-vbeg","summary":"Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0022.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0022","reference_id":"","reference_type":"","scores":[{"value":"0.04433","scoring_system":"epss","scoring_elements":"0.89228","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0022"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=479110","reference_id":"479110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=479110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128403?format=json","purl":"pkg:deb/debian/samba@2:3.2.5-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.2.5-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0022"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-berd-61rd-vbeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100641?format=json","vulnerability_id":"VCID-bk9c-f69a-akdc","summary":"The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the \"take ownership\" privilege via an LSA connection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2111.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2111","reference_id":"","reference_type":"","scores":[{"value":"0.02255","scoring_system":"epss","scoring_elements":"0.84903","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2111"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=813569","reference_id":"813569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=813569"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0533","reference_id":"RHSA-2012:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0533"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128418?format=json","purl":"pkg:deb/debian/samba@2:3.6.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-2111"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bk9c-f69a-akdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3644?format=json","vulnerability_id":"VCID-bkse-muh9-t7a8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44141.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44141","reference_id":"","reference_type":"","scores":[{"value":"0.00308","scoring_system":"epss","scoring_elements":"0.543","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44141"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004692","reference_id":"1004692","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046120","reference_id":"2046120","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046120"},{"reference_url":"https://security.archlinux.org/AVG-2648","reference_id":"AVG-2648","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2648"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1756","reference_id":"RHSA-2022:1756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2074","reference_id":"RHSA-2022:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2074"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44141"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkse-muh9-t7a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64924?format=json","vulnerability_id":"VCID-bpe6-qsa1-tfc9","summary":"Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3585.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3585","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33938","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3585"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=742907","reference_id":"742907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=742907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1221","reference_id":"RHSA-2011:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128414?format=json","purl":"pkg:deb/debian/samba@2:3.4.7~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.7~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-3585"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpe6-qsa1-tfc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100703?format=json","vulnerability_id":"VCID-bykg-wucu-duay","summary":"A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14833","reference_id":"","reference_type":"","scores":[{"value":"0.01267","scoring_system":"epss","scoring_elements":"0.79803","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14833"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764126","reference_id":"1764126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764126"},{"reference_url":"https://security.archlinux.org/ASA-201911-6","reference_id":"ASA-201911-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-6"},{"reference_url":"https://security.archlinux.org/AVG-1057","reference_id":"AVG-1057","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1057"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128463?format=json","purl":"pkg:deb/debian/samba@2:4.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14833"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bykg-wucu-duay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100663?format=json","vulnerability_id":"VCID-c99r-m2v5-zqa3","summary":"The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5299","reference_id":"","reference_type":"","scores":[{"value":"0.09138","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276126","reference_id":"1276126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276126"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5299"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c99r-m2v5-zqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100704?format=json","vulnerability_id":"VCID-d4jx-h2cx-kbf3","summary":"A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14847","reference_id":"","reference_type":"","scores":[{"value":"0.02434","scoring_system":"epss","scoring_elements":"0.85437","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14847"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764142","reference_id":"1764142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764142"},{"reference_url":"https://security.archlinux.org/ASA-201911-6","reference_id":"ASA-201911-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-6"},{"reference_url":"https://security.archlinux.org/AVG-1057","reference_id":"AVG-1057","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1057"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128465?format=json","purl":"pkg:deb/debian/samba@2:4.11.0%2Bdfsg-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.0%252Bdfsg-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14847"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4jx-h2cx-kbf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100712?format=json","vulnerability_id":"VCID-ddag-h7en-efed","summary":"A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3880","reference_id":"","reference_type":"","scores":[{"value":"0.03388","scoring_system":"epss","scoring_elements":"0.87614","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3880"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691518","reference_id":"1691518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1966","reference_id":"RHSA-2019:1966","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1967","reference_id":"RHSA-2019:1967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2099","reference_id":"RHSA-2019:2099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3582","reference_id":"RHSA-2019:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3582"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128471?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3880"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddag-h7en-efed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100606?format=json","vulnerability_id":"VCID-dm3k-e5p2-3kh1","summary":"The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3403.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3403","reference_id":"","reference_type":"","scores":[{"value":"0.29763","scoring_system":"epss","scoring_elements":"0.96727","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618140","reference_id":"1618140","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618140"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378070","reference_id":"378070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0591","reference_id":"RHSA-2006:0591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0591"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128393?format=json","purl":"pkg:deb/debian/samba@3.0.23a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.23a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2006-3403"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dm3k-e5p2-3kh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100623?format=json","vulnerability_id":"VCID-dnwj-ja5g-abbe","summary":"The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1888.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1888","reference_id":"","reference_type":"","scores":[{"value":"0.05392","scoring_system":"epss","scoring_elements":"0.90286","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1888"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=506996","reference_id":"506996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=506996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1529","reference_id":"RHSA-2009:1529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1585","reference_id":"RHSA-2009:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128404?format=json","purl":"pkg:deb/debian/samba@2:3.3.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.3.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1888"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnwj-ja5g-abbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6203?format=json","vulnerability_id":"VCID-dtxj-7cam-x3g9","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14629","reference_id":"","reference_type":"","scores":[{"value":"0.08971","scoring_system":"epss","scoring_elements":"0.92753","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625449","reference_id":"1625449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625449"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-14629"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtxj-7cam-x3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7018?format=json","vulnerability_id":"VCID-dzyk-akhc-t7d2","summary":"silent downgrade","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2124","reference_id":"","reference_type":"","scores":[{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72361","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2124"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019660","reference_id":"2019660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019660"},{"reference_url":"https://security.archlinux.org/AVG-2539","reference_id":"AVG-2539","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2539"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4843","reference_id":"RHSA-2021:4843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4844","reference_id":"RHSA-2021:4844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5082","reference_id":"RHSA-2021:5082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5192","reference_id":"RHSA-2021:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0008","reference_id":"RHSA-2022:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0074","reference_id":"RHSA-2022:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0074"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2124"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75221?format=json","vulnerability_id":"VCID-e2b4-vjgq-sbdq","summary":"A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27840.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27840","reference_id":"","reference_type":"","scores":[{"value":"0.14523","scoring_system":"epss","scoring_elements":"0.9458","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27840"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941400","reference_id":"1941400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941400"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985936","reference_id":"985936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985936"},{"reference_url":"https://security.archlinux.org/AVG-1732","reference_id":"AVG-1732","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1732"},{"reference_url":"https://security.archlinux.org/AVG-1734","reference_id":"AVG-1734","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1734"},{"reference_url":"https://security.gentoo.org/glsa/202105-22","reference_id":"GLSA-202105-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128486?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-27840"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2b4-vjgq-sbdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100679?format=json","vulnerability_id":"VCID-e45f-ty2v-g7g8","summary":"A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12151","reference_id":"","reference_type":"","scores":[{"value":"0.04146","scoring_system":"epss","scoring_elements":"0.88852","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12151"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488197","reference_id":"1488197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2790","reference_id":"RHSA-2017:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2858","reference_id":"RHSA-2017:2858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128445?format=json","purl":"pkg:deb/debian/samba@2:4.6.7%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.6.7%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-12151"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e45f-ty2v-g7g8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100670?format=json","vulnerability_id":"VCID-eaxm-5jgj-eqcg","summary":"The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2111","reference_id":"","reference_type":"","scores":[{"value":"0.02808","scoring_system":"epss","scoring_elements":"0.864","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311902","reference_id":"1311902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311902"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2111"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100626?format=json","vulnerability_id":"VCID-ebus-zxf9-qfhe","summary":"mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2948.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2948","reference_id":"","reference_type":"","scores":[{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43573","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2948"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526074","reference_id":"526074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526074"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550423","reference_id":"550423","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550423"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1529","reference_id":"RHSA-2009:1529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1585","reference_id":"RHSA-2009:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128405?format=json","purl":"pkg:deb/debian/samba@2:3.4.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2948"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebus-zxf9-qfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100676?format=json","vulnerability_id":"VCID-egeg-4ds7-d3d1","summary":"The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka \"BADLOCK.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2118","reference_id":"","reference_type":"","scores":[{"value":"0.78522","scoring_system":"epss","scoring_elements":"0.99061","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317990","reference_id":"1317990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317990"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2118"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100702?format=json","vulnerability_id":"VCID-emy1-4uv9-4kfn","summary":"Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12436.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12436.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12436","reference_id":"","reference_type":"","scores":[{"value":"0.02349","scoring_system":"epss","scoring_elements":"0.8519","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12436"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711837","reference_id":"1711837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711837"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emy1-4uv9-4kfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100672?format=json","vulnerability_id":"VCID-enbr-g8ae-ubbc","summary":"Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2113","reference_id":"","reference_type":"","scores":[{"value":"0.04197","scoring_system":"epss","scoring_elements":"0.88919","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311910","reference_id":"1311910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311910"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2113"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enbr-g8ae-ubbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100648?format=json","vulnerability_id":"VCID-et6f-6gtc-5ues","summary":"Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4408","reference_id":"","reference_type":"","scores":[{"value":"0.0295","scoring_system":"epss","scoring_elements":"0.86719","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1018032","reference_id":"1018032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1018032"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1805","reference_id":"RHSA-2013:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1806","reference_id":"RHSA-2013:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0009","reference_id":"RHSA-2014:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128419?format=json","purl":"pkg:deb/debian/samba@2:4.0.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.0.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-et6f-6gtc-5ues"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95284?format=json","vulnerability_id":"VCID-f93g-v8t6-wyf3","summary":"samba: type confusion in mdssvc RPC service for spotlight","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222794","reference_id":"2222794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222794"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6667","reference_id":"RHSA-2023:6667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7139","reference_id":"RHSA-2023:7139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0423","reference_id":"RHSA-2024:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0580","reference_id":"RHSA-2024:0580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0580"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128498?format=json","purl":"pkg:deb/debian/samba@2:4.17.10%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.10%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128499?format=json","purl":"pkg:deb/debian/samba@2:4.18.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.18.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-34967"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f93g-v8t6-wyf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3528?format=json","vulnerability_id":"VCID-fb3p-pr3k-wbhj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38023.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38023","reference_id":"","reference_type":"","scores":[{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64682","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154362","reference_id":"2154362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154362"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0637","reference_id":"RHSA-2023:0637","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0638","reference_id":"RHSA-2023:0638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0639","reference_id":"RHSA-2023:0639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0838","reference_id":"RHSA-2023:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1090","reference_id":"RHSA-2023:1090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2127","reference_id":"RHSA-2023:2127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2136","reference_id":"RHSA-2023:2136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2137","reference_id":"RHSA-2023:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3491","reference_id":"RHSA-2023:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3491"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128502?format=json","purl":"pkg:deb/debian/samba@2:4.17.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38023"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fb3p-pr3k-wbhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100594?format=json","vulnerability_id":"VCID-fdpk-a129-duga","summary":"smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0186","reference_id":"","reference_type":"","scores":[{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67334","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0186"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/23674.txt","reference_id":"CVE-2004-0186;OSVDB-3916","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/23674.txt"},{"reference_url":"https://www.securityfocus.com/bid/9619/info","reference_id":"CVE-2004-0186;OSVDB-3916","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/9619/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128379?format=json","purl":"pkg:deb/debian/samba@3.0.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0186"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fdpk-a129-duga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100723?format=json","vulnerability_id":"VCID-fj5p-xkmp-vken","summary":"A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20316","reference_id":"","reference_type":"","scores":[{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74621","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20316"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004690","reference_id":"1004690","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004690"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009673","reference_id":"2009673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2009673"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1756","reference_id":"RHSA-2022:1756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2074","reference_id":"RHSA-2022:2074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2074"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-20316"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fj5p-xkmp-vken"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92311?format=json","vulnerability_id":"VCID-fusx-6479-27h3","summary":"samba: smbd allows client access to unix domain sockets on the file system as root","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3961.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3961.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241881","reference_id":"2241881","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241881"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6209","reference_id":"RHSA-2023:6209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6744","reference_id":"RHSA-2023:6744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7371","reference_id":"RHSA-2023:7371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7408","reference_id":"RHSA-2023:7408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7464","reference_id":"RHSA-2023:7464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7467","reference_id":"RHSA-2023:7467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128506?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128507?format=json","purl":"pkg:deb/debian/samba@2:4.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-3961"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fusx-6479-27h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100630?format=json","vulnerability_id":"VCID-gann-1a73-1uf4","summary":"The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0926.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0926","reference_id":"","reference_type":"","scores":[{"value":"0.56307","scoring_system":"epss","scoring_elements":"0.98151","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=562568","reference_id":"562568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=562568"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568493","reference_id":"568493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568493"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33598.rb","reference_id":"CVE-2010-0926;OSVDB-62145","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33598.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33599.txt","reference_id":"CVE-2010-0926;OSVDB-62145","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33599.txt"},{"reference_url":"https://www.securityfocus.com/bid/38111/info","reference_id":"CVE-2010-0926;OSVDB-62145","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/38111/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0313","reference_id":"RHSA-2012:0313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0313"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128408?format=json","purl":"pkg:deb/debian/samba@2:3.4.6~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.6~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0926"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gann-1a73-1uf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59302?format=json","vulnerability_id":"VCID-gec9-c1be-dkba","summary":"samba: group policy certificate enrollment uses http:// without validation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3012.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3012.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447319","reference_id":"2447319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22644","reference_id":"RHSA-2026:22644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22963","reference_id":"RHSA-2026:22963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3012"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gec9-c1be-dkba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100700?format=json","vulnerability_id":"VCID-gg9p-kzw8-23bq","summary":"A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10218","reference_id":"","reference_type":"","scores":[{"value":"0.04508","scoring_system":"epss","scoring_elements":"0.89325","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10218"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763137","reference_id":"1763137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763137"},{"reference_url":"https://security.archlinux.org/ASA-201911-6","reference_id":"ASA-201911-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-6"},{"reference_url":"https://security.archlinux.org/AVG-1057","reference_id":"AVG-1057","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0943","reference_id":"RHSA-2020:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1084","reference_id":"RHSA-2020:1084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1878","reference_id":"RHSA-2020:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1878"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128463?format=json","purl":"pkg:deb/debian/samba@2:4.11.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10218"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9p-kzw8-23bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100721?format=json","vulnerability_id":"VCID-gx57-3mtp-hqdh","summary":"A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20251.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20251","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44834","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20251"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1929800","reference_id":"1929800","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1929800"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128487?format=json","purl":"pkg:deb/debian/samba@2:4.17.2%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.2%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-20251"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gx57-3mtp-hqdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100620?format=json","vulnerability_id":"VCID-h4dq-47fg-yqga","summary":"smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a \"cut&paste error\" that causes an improper bounds check to be performed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4314.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4314.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4314","reference_id":"","reference_type":"","scores":[{"value":"0.1089","scoring_system":"epss","scoring_elements":"0.93522","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4314"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=472298","reference_id":"472298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=472298"},{"reference_url":"https://security.gentoo.org/glsa/200903-07","reference_id":"GLSA-200903-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128402?format=json","purl":"pkg:deb/debian/samba@2:3.2.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.2.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2008-4314"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4dq-47fg-yqga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100687?format=json","vulnerability_id":"VCID-hbe8-zptv-f7dr","summary":"smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9461.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9461","reference_id":"","reference_type":"","scores":[{"value":"0.03382","scoring_system":"epss","scoring_elements":"0.87605","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459464","reference_id":"1459464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459464"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864291","reference_id":"864291","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1950","reference_id":"RHSA-2017:1950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2338","reference_id":"RHSA-2017:2338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2778","reference_id":"RHSA-2017:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2778"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128453?format=json","purl":"pkg:deb/debian/samba@2:4.5.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-9461"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbe8-zptv-f7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100625?format=json","vulnerability_id":"VCID-hhr3-tvv1-r7ex","summary":"smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2906.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2906","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60809","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2906"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526645","reference_id":"526645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526645"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550423","reference_id":"550423","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550423"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1528","reference_id":"RHSA-2009:1528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1529","reference_id":"RHSA-2009:1529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1585","reference_id":"RHSA-2009:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1585"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128405?format=json","purl":"pkg:deb/debian/samba@2:3.4.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-2906"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhr3-tvv1-r7ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100609?format=json","vulnerability_id":"VCID-hhyy-7a7s-3khn","summary":"Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0454.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0454.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0454","reference_id":"","reference_type":"","scores":[{"value":"0.04407","scoring_system":"epss","scoring_elements":"0.89197","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0454"},{"reference_url":"https://security.gentoo.org/glsa/200702-01","reference_id":"GLSA-200702-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200702-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128394?format=json","purl":"pkg:deb/debian/samba@3.0.23d-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.23d-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0454"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhyy-7a7s-3khn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4861?format=json","vulnerability_id":"VCID-hkb3-h17f-bbfc","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32745","reference_id":"","reference_type":"","scores":[{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.6449","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449","reference_id":"1016449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108211","reference_id":"2108211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108211"},{"reference_url":"https://security.archlinux.org/AVG-2782","reference_id":"AVG-2782","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2782"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128497?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128496?format=json","purl":"pkg:deb/debian/samba@2:4.16.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32745"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkb3-h17f-bbfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3526?format=json","vulnerability_id":"VCID-hxfw-6htj-wkhg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45141.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45141","reference_id":"","reference_type":"","scores":[{"value":"0.0067","scoring_system":"epss","scoring_elements":"0.7175","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154376","reference_id":"2154376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154376"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-45141"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxfw-6htj-wkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100696?format=json","vulnerability_id":"VCID-j1a6-7vhx-sbh7","summary":"An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14628.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14628.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14628","reference_id":"","reference_type":"","scores":[{"value":"0.00535","scoring_system":"epss","scoring_elements":"0.67789","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034803","reference_id":"1034803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034803"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625445","reference_id":"1625445","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625445"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128458?format=json","purl":"pkg:deb/debian/samba@2:4.19.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-14628"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1a6-7vhx-sbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59299?format=json","vulnerability_id":"VCID-j1m5-tteg-wqh1","summary":"samba: Missing access check on reparse point operations","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1933.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1933.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447317","reference_id":"2447317","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22963","reference_id":"RHSA-2026:22963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-1933"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1m5-tteg-wqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100656?format=json","vulnerability_id":"VCID-j317-uv8e-6fgn","summary":"The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0244","reference_id":"","reference_type":"","scores":[{"value":"0.20011","scoring_system":"epss","scoring_elements":"0.95588","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1097815","reference_id":"1097815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1097815"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0866","reference_id":"RHSA-2014:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128434?format=json","purl":"pkg:deb/debian/samba@2:4.1.9%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.9%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0244"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j317-uv8e-6fgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97640?format=json","vulnerability_id":"VCID-j358-djx5-8qdw","summary":"samba: Access controlled AD LDAP attributes can be discovered","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0614.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0614","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44493","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0614"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182776","reference_id":"2182776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182776"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128505?format=json","purl":"pkg:deb/debian/samba@2:4.17.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0614"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j358-djx5-8qdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100596?format=json","vulnerability_id":"VCID-j9gn-19jv-33c5","summary":"Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the \"mangling method = hash\" option is enabled in smb.conf, has unknown impact and attack vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0686.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0686","reference_id":"","reference_type":"","scores":[{"value":"0.11636","scoring_system":"epss","scoring_elements":"0.93791","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0686"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617250","reference_id":"1617250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617250"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260839","reference_id":"260839","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:259","reference_id":"RHSA-2004:259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:404","reference_id":"RHSA-2004:404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:404"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128381?format=json","purl":"pkg:deb/debian/samba@3.0.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0686"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9gn-19jv-33c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100688?format=json","vulnerability_id":"VCID-jeut-pn1j-gfg6","summary":"A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10858","reference_id":"","reference_type":"","scores":[{"value":"0.0594","scoring_system":"epss","scoring_elements":"0.90803","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10858"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1612805","reference_id":"1612805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1612805"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2612","reference_id":"RHSA-2018:2612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2613","reference_id":"RHSA-2018:2613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3056","reference_id":"RHSA-2018:3056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3470","reference_id":"RHSA-2018:3470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3470"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128457?format=json","purl":"pkg:deb/debian/samba@2:4.8.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.8.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10858"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jeut-pn1j-gfg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6391?format=json","vulnerability_id":"VCID-jmm9-r3u7-zufe","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14746","reference_id":"","reference_type":"","scores":[{"value":"0.31253","scoring_system":"epss","scoring_elements":"0.96859","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1511899","reference_id":"1511899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1511899"},{"reference_url":"https://security.archlinux.org/ASA-201712-1","reference_id":"ASA-201712-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-1"},{"reference_url":"https://security.archlinux.org/AVG-535","reference_id":"AVG-535","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-535"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3260","reference_id":"RHSA-2017:3260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3261","reference_id":"RHSA-2017:3261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3278","reference_id":"RHSA-2017:3278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128446?format=json","purl":"pkg:deb/debian/samba@2:4.7.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.7.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14746"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4310?format=json","vulnerability_id":"VCID-jnby-fw2x-xyf4","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1057","reference_id":"","reference_type":"","scores":[{"value":"0.07722","scoring_system":"epss","scoring_elements":"0.92075","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553553","reference_id":"1553553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553553"},{"reference_url":"https://security.archlinux.org/ASA-201803-10","reference_id":"ASA-201803-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-10"},{"reference_url":"https://security.archlinux.org/AVG-651","reference_id":"AVG-651","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-651"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128455?format=json","purl":"pkg:deb/debian/samba@2:4.7.4%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.7.4%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1057"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jnby-fw2x-xyf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100642?format=json","vulnerability_id":"VCID-jxyu-xxfk-x3gs","summary":"The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6150.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6150.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6150","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31249","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6150"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1036897","reference_id":"1036897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1036897"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0330","reference_id":"RHSA-2014:0330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0383","reference_id":"RHSA-2014:0383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128419?format=json","purl":"pkg:deb/debian/samba@2:4.0.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.0.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-6150"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxyu-xxfk-x3gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100599?format=json","vulnerability_id":"VCID-jyzv-5qe7-g7db","summary":"The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via \"/.////\" style sequences in pathnames.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0815.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0815","reference_id":"","reference_type":"","scores":[{"value":"0.08221","scoring_system":"epss","scoring_elements":"0.92358","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617303","reference_id":"1617303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617303"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=274342","reference_id":"274342","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=274342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:498","reference_id":"RHSA-2004:498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:498"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128385?format=json","purl":"pkg:deb/debian/samba@3.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0815"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jyzv-5qe7-g7db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100613?format=json","vulnerability_id":"VCID-kr3y-cghu-s7cs","summary":"The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the \"username map script\" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2447","reference_id":"","reference_type":"","scores":[{"value":"0.49575","scoring_system":"epss","scoring_elements":"0.97854","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2447"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239774","reference_id":"239774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239774"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/16320.rb","reference_id":"CVE-2007-2447;OSVDB-34700","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/16320.rb"},{"reference_url":"https://security.gentoo.org/glsa/200705-15","reference_id":"GLSA-200705-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0354","reference_id":"RHSA-2007:0354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0354"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128396?format=json","purl":"pkg:deb/debian/samba@3.0.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2447"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kr3y-cghu-s7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100713?format=json","vulnerability_id":"VCID-ksss-h1p9-mbaz","summary":"A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10700","reference_id":"","reference_type":"","scores":[{"value":"0.02857","scoring_system":"epss","scoring_elements":"0.86515","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10700"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825731","reference_id":"1825731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825731"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189","reference_id":"960189","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128473?format=json","purl":"pkg:deb/debian/samba@2:4.12.3%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.3%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10700"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ksss-h1p9-mbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7021?format=json","vulnerability_id":"VCID-kwqt-87ga-1bbn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25722","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61724","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019764","reference_id":"2019764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019764"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25722"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kwqt-87ga-1bbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100614?format=json","vulnerability_id":"VCID-kymx-bv3z-f7ea","summary":"The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the \"winbind nss info\" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4138.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4138","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28749","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=286271","reference_id":"286271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=286271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1016","reference_id":"RHSA-2007:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1017","reference_id":"RHSA-2007:1017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128397?format=json","purl":"pkg:deb/debian/samba@3.0.26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-4138"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kymx-bv3z-f7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100716?format=json","vulnerability_id":"VCID-m1qp-m1d3-nbgw","summary":"A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14323","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6236","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14323"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891685","reference_id":"1891685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891685"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399","reference_id":"973399","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399"},{"reference_url":"https://security.gentoo.org/glsa/202012-24","reference_id":"GLSA-202012-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5439","reference_id":"RHSA-2020:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1647","reference_id":"RHSA-2021:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3723","reference_id":"RHSA-2021:3723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128479?format=json","purl":"pkg:deb/debian/samba@2:4.13.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14323"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qp-m1d3-nbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100592?format=json","vulnerability_id":"VCID-m28k-z95r-9yc7","summary":"Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1332","reference_id":"","reference_type":"","scores":[{"value":"0.06492","scoring_system":"epss","scoring_elements":"0.91263","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1332"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2003-1332"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m28k-z95r-9yc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100664?format=json","vulnerability_id":"VCID-m364-w7f6-aug7","summary":"Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5370","reference_id":"","reference_type":"","scores":[{"value":"0.21108","scoring_system":"epss","scoring_elements":"0.95764","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309987","reference_id":"1309987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5370"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5843?format=json","vulnerability_id":"VCID-m8f3-3jf6-2bdy","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10760","reference_id":"","reference_type":"","scores":[{"value":"0.02353","scoring_system":"epss","scoring_elements":"0.85198","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849509","reference_id":"1849509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849509"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128476?format=json","purl":"pkg:deb/debian/samba@2:4.12.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10760"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f3-3jf6-2bdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100701?format=json","vulnerability_id":"VCID-mktu-yt4c-tkfq","summary":"Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12435","reference_id":"","reference_type":"","scores":[{"value":"0.03816","scoring_system":"epss","scoring_elements":"0.88321","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12435"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711816","reference_id":"1711816","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711816"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748","reference_id":"930748","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128464?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12435"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mktu-yt4c-tkfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100734?format=json","vulnerability_id":"VCID-mnnu-hrtz-uyeg","summary":"","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3238"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnnu-hrtz-uyeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100647?format=json","vulnerability_id":"VCID-ms3e-8h1d-7yhh","summary":"Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4124.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4124","reference_id":"","reference_type":"","scores":[{"value":"0.83531","scoring_system":"epss","scoring_elements":"0.99297","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=984401","reference_id":"984401","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=984401"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27778.txt","reference_id":"CVE-2013-4124;OSVDB-95969","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27778.txt"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1310","reference_id":"RHSA-2013:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1542","reference_id":"RHSA-2013:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1543","reference_id":"RHSA-2013:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0305","reference_id":"RHSA-2014:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128424?format=json","purl":"pkg:deb/debian/samba@2:3.6.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4124"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ms3e-8h1d-7yhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59893?format=json","vulnerability_id":"VCID-mtrk-m8jm-gyfg","summary":"samba: Samba: Remote Code Execution in printing subsystem via unescaped job description","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4480.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4480.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452232","reference_id":"2452232","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22644","reference_id":"RHSA-2026:22644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22963","reference_id":"RHSA-2026:22963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-4480"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtrk-m8jm-gyfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90290?format=json","vulnerability_id":"VCID-mxew-ey1n-zuet","summary":"samba: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0620.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0620.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107248","reference_id":"1107248","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107248"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370453","reference_id":"2370453","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370453"},{"reference_url":"https://security.archlinux.org/ASA-202506-3","reference_id":"ASA-202506-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202506-3"},{"reference_url":"https://security.archlinux.org/AVG-2892","reference_id":"AVG-2892","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2892"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128509?format=json","purl":"pkg:deb/debian/samba@2:4.22.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-0620"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mxew-ey1n-zuet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5842?format=json","vulnerability_id":"VCID-mxk6-6rwy-hfa3","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14303","reference_id":"","reference_type":"","scores":[{"value":"0.26364","scoring_system":"epss","scoring_elements":"0.96413","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851298","reference_id":"1851298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851298"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128476?format=json","purl":"pkg:deb/debian/samba@2:4.12.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14303"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mxk6-6rwy-hfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100645?format=json","vulnerability_id":"VCID-n1sz-dkw8-77dz","summary":"Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0214.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0214","reference_id":"","reference_type":"","scores":[{"value":"0.04872","scoring_system":"epss","scoring_elements":"0.8974","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0214"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=905704","reference_id":"905704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=905704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1310","reference_id":"RHSA-2013:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1542","reference_id":"RHSA-2013:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0305","reference_id":"RHSA-2014:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128421?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0214"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sz-dkw8-77dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4666?format=json","vulnerability_id":"VCID-n6xc-pvqq-9bgs","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2126","reference_id":"","reference_type":"","scores":[{"value":"0.04506","scoring_system":"epss","scoring_elements":"0.89323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403115","reference_id":"1403115","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403115"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0494","reference_id":"RHSA-2017:0494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0495","reference_id":"RHSA-2017:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0662","reference_id":"RHSA-2017:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0744","reference_id":"RHSA-2017:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128441?format=json","purl":"pkg:deb/debian/samba@2:4.5.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2126"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xc-pvqq-9bgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100677?format=json","vulnerability_id":"VCID-n9bw-bctz-pqfx","summary":"libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSION_FLAG_IS_GUEST or (2) SMB2_SESSION_FLAG_IS_NULL flag.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2119.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2119","reference_id":"","reference_type":"","scores":[{"value":"0.01142","scoring_system":"epss","scoring_elements":"0.78773","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1351955","reference_id":"1351955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1351955"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830195","reference_id":"830195","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830195"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1486","reference_id":"RHSA-2016:1486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1487","reference_id":"RHSA-2016:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1494","reference_id":"RHSA-2016:1494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1494"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128440?format=json","purl":"pkg:deb/debian/samba@2:4.4.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.4.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2119"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9bw-bctz-pqfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100681?format=json","vulnerability_id":"VCID-nazc-kauc-rqb6","summary":"An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12163","reference_id":"","reference_type":"","scores":[{"value":"0.41375","scoring_system":"epss","scoring_elements":"0.97477","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12163"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1491206","reference_id":"1491206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1491206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2789","reference_id":"RHSA-2017:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2790","reference_id":"RHSA-2017:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2791","reference_id":"RHSA-2017:2791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2858","reference_id":"RHSA-2017:2858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2858"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128445?format=json","purl":"pkg:deb/debian/samba@2:4.6.7%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.6.7%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-12163"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nazc-kauc-rqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100711?format=json","vulnerability_id":"VCID-nhvj-h5wu-xfgy","summary":"A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3870","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.6834","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3870"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1689010","reference_id":"1689010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1689010"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128471?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3870"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nhvj-h5wu-xfgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6198?format=json","vulnerability_id":"VCID-njb3-9hmh-s3cg","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16857","reference_id":"","reference_type":"","scores":[{"value":"0.0224","scoring_system":"epss","scoring_elements":"0.84863","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649278","reference_id":"1649278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649278"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16857"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njb3-9hmh-s3cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3532?format=json","vulnerability_id":"VCID-np9m-wq3n-j7cq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3437","reference_id":"","reference_type":"","scores":[{"value":"0.00727","scoring_system":"epss","scoring_elements":"0.72987","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3437"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187","reference_id":"1024187","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137774","reference_id":"2137774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137774"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://security.gentoo.org/glsa/202310-06","reference_id":"GLSA-202310-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128500?format=json","purl":"pkg:deb/debian/samba@2:4.16.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3437"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np9m-wq3n-j7cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100651?format=json","vulnerability_id":"VCID-nzms-3u9x-wuat","summary":"Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) SAMR or (2) RAP attempts.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4496.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4496","reference_id":"","reference_type":"","scores":[{"value":"0.0555","scoring_system":"epss","scoring_elements":"0.90433","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4496"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072792","reference_id":"1072792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072792"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0330","reference_id":"RHSA-2014:0330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0383","reference_id":"RHSA-2014:0383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128427?format=json","purl":"pkg:deb/debian/samba@2:4.1.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4496"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzms-3u9x-wuat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100673?format=json","vulnerability_id":"VCID-p4mk-1t9q-sbb3","summary":"The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"server signing = mandatory\" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2114","reference_id":"","reference_type":"","scores":[{"value":"0.05863","scoring_system":"epss","scoring_elements":"0.90727","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312082","reference_id":"1312082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312082"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2114"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100684?format=json","vulnerability_id":"VCID-pd84-1cmy-mqf6","summary":"It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15086.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15086","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49219","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505785","reference_id":"1505785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3110","reference_id":"RHSA-2017:3110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15086"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pd84-1cmy-mqf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100639?format=json","vulnerability_id":"VCID-pjsp-z7d9-6fh2","summary":"Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0870.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0870","reference_id":"","reference_type":"","scores":[{"value":"0.46876","scoring_system":"epss","scoring_elements":"0.9773","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0870"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=795509","reference_id":"795509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=795509"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0332","reference_id":"RHSA-2012:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0332"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128411?format=json","purl":"pkg:deb/debian/samba@2:3.4.0~pre1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.0~pre1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2012-0870"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjsp-z7d9-6fh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100719?format=json","vulnerability_id":"VCID-prhs-c1gk-97hj","summary":"An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see  How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1472","reference_id":"","reference_type":"","scores":[{"value":"0.9438","scoring_system":"epss","scoring_elements":"0.9997","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1472"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879822","reference_id":"1879822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879822"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048","reference_id":"971048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048"},{"reference_url":"https://security.archlinux.org/ASA-202009-17","reference_id":"ASA-202009-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202009-17"},{"reference_url":"https://security.archlinux.org/AVG-1236","reference_id":"AVG-1236","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1236"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py","reference_id":"CVE-2020-1472","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py"},{"reference_url":"https://security.gentoo.org/glsa/202012-24","reference_id":"GLSA-202012-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5439","reference_id":"RHSA-2020:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1647","reference_id":"RHSA-2021:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3723","reference_id":"RHSA-2021:3723","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128479?format=json","purl":"pkg:deb/debian/samba@2:4.13.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-1472"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prhs-c1gk-97hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73522?format=json","vulnerability_id":"VCID-pzrp-6xtn-37db","summary":"samba: vfs_streams_xattr uninitialized memory write possible","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391698","reference_id":"2391698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391698"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128512?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128511?format=json","purl":"pkg:deb/debian/samba@2:4.22.6%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.6%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128510?format=json","purl":"pkg:deb/debian/samba@2:4.23.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.23.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2025-9640"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzrp-6xtn-37db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4863?format=json","vulnerability_id":"VCID-q5hu-u9th-33e7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32742","reference_id":"","reference_type":"","scores":[{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.691","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32742"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449","reference_id":"1016449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108196","reference_id":"2108196","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108196"},{"reference_url":"https://security.archlinux.org/AVG-2782","reference_id":"AVG-2782","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2782"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7056","reference_id":"RHSA-2022:7056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7111","reference_id":"RHSA-2022:7111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8317","reference_id":"RHSA-2022:8317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8317"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128497?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128496?format=json","purl":"pkg:deb/debian/samba@2:4.16.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-32742"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5hu-u9th-33e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5844?format=json","vulnerability_id":"VCID-qn5w-t24w-xye5","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10745","reference_id":"","reference_type":"","scores":[{"value":"0.19658","scoring_system":"epss","scoring_elements":"0.95539","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849491","reference_id":"1849491","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849491"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128476?format=json","purl":"pkg:deb/debian/samba@2:4.12.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10745"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn5w-t24w-xye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95272?format=json","vulnerability_id":"VCID-qqbv-h38g-zuf9","summary":"samba: SMB2 packet signing is not enforced when \"server signing = required\" is set","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3347.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3347.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222792","reference_id":"2222792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222792"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4325","reference_id":"RHSA-2023:4325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4328","reference_id":"RHSA-2023:4328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4328"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128498?format=json","purl":"pkg:deb/debian/samba@2:4.17.10%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.10%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128499?format=json","purl":"pkg:deb/debian/samba@2:4.18.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.18.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-3347"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqbv-h38g-zuf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100659?format=json","vulnerability_id":"VCID-qqme-47b7-2kfe","summary":"Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain Controller (AD DC) is configured, allows remote authenticated users to set the LDB userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain privileges, by leveraging delegation of authority for user-account or computer-account creation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8143.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8143","reference_id":"","reference_type":"","scores":[{"value":"0.04898","scoring_system":"epss","scoring_elements":"0.89773","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8143"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1181638","reference_id":"1181638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1181638"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776993","reference_id":"776993","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128436?format=json","purl":"pkg:deb/debian/samba@2:4.1.17%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.17%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2014-8143"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqme-47b7-2kfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7020?format=json","vulnerability_id":"VCID-qsns-qxxn-1ygq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23192","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28206","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019666","reference_id":"2019666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019666"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4843","reference_id":"RHSA-2021:4843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5082","reference_id":"RHSA-2021:5082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0008","reference_id":"RHSA-2022:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0008"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-23192"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qsns-qxxn-1ygq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92315?format=json","vulnerability_id":"VCID-qtcs-hz4a-97fy","summary":"samba: SMB clients can truncate files with read-only permissions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241882","reference_id":"2241882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241882"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6209","reference_id":"RHSA-2023:6209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6744","reference_id":"RHSA-2023:6744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7371","reference_id":"RHSA-2023:7371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7408","reference_id":"RHSA-2023:7408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7464","reference_id":"RHSA-2023:7464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7467","reference_id":"RHSA-2023:7467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128506?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128507?format=json","purl":"pkg:deb/debian/samba@2:4.19.1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4091"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcs-hz4a-97fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72444?format=json","vulnerability_id":"VCID-r3n1-q8uv-cfbb","summary":"All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14870","reference_id":"","reference_type":"","scores":[{"value":"0.04669","scoring_system":"epss","scoring_elements":"0.89506","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14870"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1778589","reference_id":"1778589","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1778589"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786","reference_id":"946786","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"},{"reference_url":"https://security.gentoo.org/glsa/202310-06","reference_id":"GLSA-202310-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128466?format=json","purl":"pkg:deb/debian/samba@2:4.11.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14870"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3n1-q8uv-cfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=json","vulnerability_id":"VCID-r7zv-4yyc-mqeu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25717","reference_id":"","reference_type":"","scores":[{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67053","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019672","reference_id":"2019672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019672"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4843","reference_id":"RHSA-2021:4843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4844","reference_id":"RHSA-2021:4844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5082","reference_id":"RHSA-2021:5082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5192","reference_id":"RHSA-2021:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0008","reference_id":"RHSA-2022:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0074","reference_id":"RHSA-2022:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0133","reference_id":"RHSA-2022:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0443","reference_id":"RHSA-2022:0443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0443"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25717"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100605?format=json","vulnerability_id":"VCID-rf9h-4yqd-z3gg","summary":"The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1059","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64234","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128391?format=json","purl":"pkg:deb/debian/samba@3.0.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2006-1059"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rf9h-4yqd-z3gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7019?format=json","vulnerability_id":"VCID-rmda-jcc9-2bam","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3738","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.61092","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3738"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021726","reference_id":"2021726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021726"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-3738"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rmda-jcc9-2bam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100618?format=json","vulnerability_id":"VCID-rp3r-6r3h-s3gb","summary":"Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1105.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1105","reference_id":"","reference_type":"","scores":[{"value":"0.85727","scoring_system":"epss","scoring_elements":"0.99392","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1105"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=446724","reference_id":"446724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=446724"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410","reference_id":"483410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483410"},{"reference_url":"https://security.gentoo.org/glsa/200805-23","reference_id":"GLSA-200805-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200805-23"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/5712.pl","reference_id":"OSVDB-45657;CVE-2008-4189;CVE-2008-1105","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/5712.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0288","reference_id":"RHSA-2008:0288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0289","reference_id":"RHSA-2008:0289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0290","reference_id":"RHSA-2008:0290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0290"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128400?format=json","purl":"pkg:deb/debian/samba@1:3.0.30-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@1:3.0.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2008-1105"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rp3r-6r3h-s3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100587?format=json","vulnerability_id":"VCID-rp73-9v8y-abam","summary":"Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2196.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2196","reference_id":"","reference_type":"","scores":[{"value":"0.13066","scoring_system":"epss","scoring_elements":"0.94227","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2196"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128369?format=json","purl":"pkg:deb/debian/samba@2.2.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2002-2196"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rp73-9v8y-abam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100650?format=json","vulnerability_id":"VCID-rsqy-3xke-dqer","summary":"Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controller.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4476.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4476","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45379","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4476"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024547","reference_id":"1024547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024547"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128425?format=json","purl":"pkg:deb/debian/samba@2:4.0.11%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.0.11%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4476"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqy-3xke-dqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100710?format=json","vulnerability_id":"VCID-rsz9-y661-qfce","summary":"There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19344","reference_id":"","reference_type":"","scores":[{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84704","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19344"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791204","reference_id":"1791204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791204"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499","reference_id":"950499","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128467?format=json","purl":"pkg:deb/debian/samba@2:4.11.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19344"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100622?format=json","vulnerability_id":"VCID-rv44-kq9m-fkbp","summary":"Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1886.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1886","reference_id":"","reference_type":"","scores":[{"value":"0.24809","scoring_system":"epss","scoring_elements":"0.96255","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1886"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=508061","reference_id":"508061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=508061"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33053.txt","reference_id":"CVE-2009-1886;OSVDB-55412","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33053.txt"},{"reference_url":"https://www.securityfocus.com/bid/35472/info","reference_id":"CVE-2009-1886;OSVDB-55412","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35472/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128404?format=json","purl":"pkg:deb/debian/samba@2:3.3.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.3.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1886"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rv44-kq9m-fkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100652?format=json","vulnerability_id":"VCID-rzyt-ttz5-aycb","summary":"The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6442.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6442.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6442","reference_id":"","reference_type":"","scores":[{"value":"0.01273","scoring_system":"epss","scoring_elements":"0.79871","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6442"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1044099","reference_id":"1044099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1044099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0383","reference_id":"RHSA-2014:0383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128427?format=json","purl":"pkg:deb/debian/samba@2:4.1.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-6442"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzyt-ttz5-aycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100399?format=json","vulnerability_id":"VCID-s3ud-fks7-1kb2","summary":"samba: wide links protection broken","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3592.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3592.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3592","reference_id":"","reference_type":"","scores":[{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70841","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3592"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137776","reference_id":"2137776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137776"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3592"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3ud-fks7-1kb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100667?format=json","vulnerability_id":"VCID-sdjf-rkjd-sudg","summary":"The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8467","reference_id":"","reference_type":"","scores":[{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82702","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290294","reference_id":"1290294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290294"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8467"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjf-rkjd-sudg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6200?format=json","vulnerability_id":"VCID-sg5x-7v6b-ffgk","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16852","reference_id":"","reference_type":"","scores":[{"value":"0.02897","scoring_system":"epss","scoring_elements":"0.86592","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646386","reference_id":"1646386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646386"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128459?format=json","purl":"pkg:deb/debian/samba@2:4.9.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16852"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg5x-7v6b-ffgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100699?format=json","vulnerability_id":"VCID-ss54-ft8h-rufv","summary":"A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10197","reference_id":"","reference_type":"","scores":[{"value":"0.0479","scoring_system":"epss","scoring_elements":"0.89662","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10197"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746225","reference_id":"1746225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746225"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3253","reference_id":"RHSA-2019:3253","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3253"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4023","reference_id":"RHSA-2019:4023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1084","reference_id":"RHSA-2020:1084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1878","reference_id":"RHSA-2020:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1878"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128462?format=json","purl":"pkg:deb/debian/samba@2:4.9.13%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.13%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10197"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss54-ft8h-rufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7022?format=json","vulnerability_id":"VCID-ssh4-ukvg-5fej","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25721","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58908","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021728","reference_id":"2021728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021728"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25721"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssh4-ukvg-5fej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100600?format=json","vulnerability_id":"VCID-sx4y-dnaz-2ua3","summary":"smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0829.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0829","reference_id":"","reference_type":"","scores":[{"value":"0.03962","scoring_system":"epss","scoring_elements":"0.88577","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0829"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128386?format=json","purl":"pkg:deb/debian/samba@2.2.11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0829"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sx4y-dnaz-2ua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3530?format=json","vulnerability_id":"VCID-t156-69p4-s7gu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37966.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37966","reference_id":"","reference_type":"","scores":[{"value":"0.01378","scoring_system":"epss","scoring_elements":"0.80598","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37966"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154303","reference_id":"2154303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154303"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128502?format=json","purl":"pkg:deb/debian/samba@2:4.17.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-37966"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t156-69p4-s7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100718?format=json","vulnerability_id":"VCID-t35b-ur7m-vqeu","summary":"A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14383","reference_id":"","reference_type":"","scores":[{"value":"0.00465","scoring_system":"epss","scoring_elements":"0.64688","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14383"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1892636","reference_id":"1892636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1892636"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398","reference_id":"973398","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398"},{"reference_url":"https://security.gentoo.org/glsa/202012-24","reference_id":"GLSA-202012-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128479?format=json","purl":"pkg:deb/debian/samba@2:4.13.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-14383"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t35b-ur7m-vqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100690?format=json","vulnerability_id":"VCID-tbhp-xkw4-hucg","summary":"A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. An authenticated attacker could use this flaw to crash a samba server in an Active Directory Domain Controller configuration. Samba versions before 4.7.9 and 4.8.4 are vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10918","reference_id":"","reference_type":"","scores":[{"value":"0.04739","scoring_system":"epss","scoring_elements":"0.89599","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10918"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610640","reference_id":"1610640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610640"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128457?format=json","purl":"pkg:deb/debian/samba@2:4.8.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.8.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10918"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbhp-xkw4-hucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100619?format=json","vulnerability_id":"VCID-tn47-ka5t-4bas","summary":"Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3789.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3789","reference_id":"","reference_type":"","scores":[{"value":"0.01059","scoring_system":"epss","scoring_elements":"0.77969","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=460150","reference_id":"460150","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460150"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073","reference_id":"496073","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128401?format=json","purl":"pkg:deb/debian/samba@2:3.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2008-3789"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tn47-ka5t-4bas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100610?format=json","vulnerability_id":"VCID-tu1y-tz4k-ayak","summary":"The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2407.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2407.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2407","reference_id":"","reference_type":"","scores":[{"value":"0.06255","scoring_system":"epss","scoring_elements":"0.91068","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2407"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu1y-tz4k-ayak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75218?format=json","vulnerability_id":"VCID-tyhs-5xjv-c7b5","summary":"The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3223","reference_id":"","reference_type":"","scores":[{"value":"0.20255","scoring_system":"epss","scoring_elements":"0.95629","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290287","reference_id":"1290287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290287"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0009","reference_id":"RHSA-2016:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0014","reference_id":"RHSA-2016:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0014"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-3223"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100706?format=json","vulnerability_id":"VCID-u4fr-s35u-8khu","summary":"There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14902","reference_id":"","reference_type":"","scores":[{"value":"0.03503","scoring_system":"epss","scoring_elements":"0.87826","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14902"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791201","reference_id":"1791201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1791201"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128467?format=json","purl":"pkg:deb/debian/samba@2:4.11.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14902"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75223?format=json","vulnerability_id":"VCID-usyw-3jt1-xyez","summary":"MaxQueryDuration not honoured in Samba AD DC LDAP","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3670.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3670","reference_id":"","reference_type":"","scores":[{"value":"0.03426","scoring_system":"epss","scoring_elements":"0.87679","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077533","reference_id":"2077533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2077533"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2021-3670"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usyw-3jt1-xyez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7024?format=json","vulnerability_id":"VCID-uwmy-xe5s-yubn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25718","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41646","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019726","reference_id":"2019726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019726"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128443?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128442?format=json","purl":"pkg:deb/debian/samba@2:4.13.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25718"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwmy-xe5s-yubn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95264?format=json","vulnerability_id":"VCID-uyuw-v56z-93ez","summary":"samba: out-of-bounds read in winbind AUTH_CRAP","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2127","reference_id":"","reference_type":"","scores":[{"value":"0.01225","scoring_system":"epss","scoring_elements":"0.79467","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2127"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791","reference_id":"2222791","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222791"},{"reference_url":"https://security.gentoo.org/glsa/202402-28","reference_id":"GLSA-202402-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6667","reference_id":"RHSA-2023:6667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7139","reference_id":"RHSA-2023:7139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0423","reference_id":"RHSA-2024:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0580","reference_id":"RHSA-2024:0580","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0580"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128498?format=json","purl":"pkg:deb/debian/samba@2:4.17.10%2Bdfsg-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.10%252Bdfsg-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128499?format=json","purl":"pkg:deb/debian/samba@2:4.18.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.18.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2127"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uyuw-v56z-93ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100608?format=json","vulnerability_id":"VCID-v1yr-nwrt-v3hx","summary":"Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0453.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0453.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0453","reference_id":"","reference_type":"","scores":[{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67493","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0453"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0453"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1yr-nwrt-v3hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100607?format=json","vulnerability_id":"VCID-v9wu-g3qz-qycb","summary":"smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0452.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0452","reference_id":"","reference_type":"","scores":[{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.84951","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0452"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618269","reference_id":"1618269","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618269"},{"reference_url":"https://security.gentoo.org/glsa/200702-01","reference_id":"GLSA-200702-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200702-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0060","reference_id":"RHSA-2007:0060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0061","reference_id":"RHSA-2007:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0061"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128394?format=json","purl":"pkg:deb/debian/samba@3.0.23d-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.23d-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0452"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9wu-g3qz-qycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100685?format=json","vulnerability_id":"VCID-vctn-c1b3-rbh5","summary":"It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15087.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15087.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15087","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55857","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15087"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505788","reference_id":"1505788","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3110","reference_id":"RHSA-2017:3110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3110"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15087"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vctn-c1b3-rbh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4667?format=json","vulnerability_id":"VCID-vedj-x1yz-3uec","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2125","reference_id":"","reference_type":"","scores":[{"value":"0.08663","scoring_system":"epss","scoring_elements":"0.92601","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403114","reference_id":"1403114","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403114"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0494","reference_id":"RHSA-2017:0494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0495","reference_id":"RHSA-2017:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0662","reference_id":"RHSA-2017:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0744","reference_id":"RHSA-2017:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128441?format=json","purl":"pkg:deb/debian/samba@2:4.5.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.2%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2125"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vedj-x1yz-3uec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100586?format=json","vulnerability_id":"VCID-vju9-ns28-sydp","summary":"Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1318.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1318","reference_id":"","reference_type":"","scores":[{"value":"0.75036","scoring_system":"epss","scoring_elements":"0.98892","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1318"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616871","reference_id":"1616871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:266","reference_id":"RHSA-2002:266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128364?format=json","purl":"pkg:deb/debian/samba@2.2.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1318"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vju9-ns28-sydp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4864?format=json","vulnerability_id":"VCID-vrxh-bq3q-xudq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2031","reference_id":"","reference_type":"","scores":[{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57804","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2031"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449","reference_id":"1016449","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2094789","reference_id":"2094789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2094789"},{"reference_url":"https://security.archlinux.org/AVG-2782","reference_id":"AVG-2782","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2782"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128497?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128496?format=json","purl":"pkg:deb/debian/samba@2:4.16.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2031"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrxh-bq3q-xudq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100669?format=json","vulnerability_id":"VCID-vtne-we7s-tuet","summary":"The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2110","reference_id":"","reference_type":"","scores":[{"value":"0.17748","scoring_system":"epss","scoring_elements":"0.95244","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311893","reference_id":"1311893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311893"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2110"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75220?format=json","vulnerability_id":"VCID-vutz-f18f-z7a2","summary":"A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3824","reference_id":"","reference_type":"","scores":[{"value":"0.07704","scoring_system":"epss","scoring_elements":"0.92063","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3824"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1671845","reference_id":"1671845","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1671845"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128469?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3824"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vutz-f18f-z7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100714?format=json","vulnerability_id":"VCID-wc26-trz1-u7fv","summary":"A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10704","reference_id":"","reference_type":"","scores":[{"value":"0.14522","scoring_system":"epss","scoring_elements":"0.94579","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825734","reference_id":"1825734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825734"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188","reference_id":"960188","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128473?format=json","purl":"pkg:deb/debian/samba@2:4.12.3%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.12.3%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10704"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wc26-trz1-u7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3527?format=json","vulnerability_id":"VCID-wc2t-bbf1-mua5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42898","reference_id":"","reference_type":"","scores":[{"value":"0.10832","scoring_system":"epss","scoring_elements":"0.935","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187","reference_id":"1024187","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267","reference_id":"1024267","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140960","reference_id":"2140960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140960"},{"reference_url":"https://security.archlinux.org/AVG-2828","reference_id":"AVG-2828","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2828"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://security.gentoo.org/glsa/202310-06","reference_id":"GLSA-202310-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-06"},{"reference_url":"https://security.gentoo.org/glsa/202405-11","reference_id":"GLSA-202405-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8637","reference_id":"RHSA-2022:8637","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8637"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8638","reference_id":"RHSA-2022:8638","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8638"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8639","reference_id":"RHSA-2022:8639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8640","reference_id":"RHSA-2022:8640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8641","reference_id":"RHSA-2022:8641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8648","reference_id":"RHSA-2022:8648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8662","reference_id":"RHSA-2022:8662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8663","reference_id":"RHSA-2022:8663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8669","reference_id":"RHSA-2022:8669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:9029","reference_id":"RHSA-2022:9029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:9029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128504?format=json","purl":"pkg:deb/debian/samba@2:4.17.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-42898"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wc2t-bbf1-mua5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100615?format=json","vulnerability_id":"VCID-wk72-a6my-cyc3","summary":"Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4572.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4572.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4572","reference_id":"","reference_type":"","scores":[{"value":"0.21484","scoring_system":"epss","scoring_elements":"0.95817","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4572"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=294631","reference_id":"294631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=294631"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451385","reference_id":"451385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451385"},{"reference_url":"https://security.gentoo.org/glsa/200711-29","reference_id":"GLSA-200711-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1013","reference_id":"RHSA-2007:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1016","reference_id":"RHSA-2007:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1017","reference_id":"RHSA-2007:1017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128398?format=json","purl":"pkg:deb/debian/samba@3.0.27-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.27-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-4572"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wk72-a6my-cyc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64922?format=json","vulnerability_id":"VCID-wrdj-n64j-1kcg","summary":"smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1678.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1678","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72263","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=695925","reference_id":"695925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=695925"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1219","reference_id":"RHSA-2011:1219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1220","reference_id":"RHSA-2011:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1221","reference_id":"RHSA-2011:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128414?format=json","purl":"pkg:deb/debian/samba@2:3.4.7~dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.7~dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1678"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrdj-n64j-1kcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100611?format=json","vulnerability_id":"VCID-wwk6-xbnh-rqfr","summary":"Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2444.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2444.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2444","reference_id":"","reference_type":"","scores":[{"value":"0.01051","scoring_system":"epss","scoring_elements":"0.77891","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2444"},{"reference_url":"https://security.gentoo.org/glsa/200705-15","reference_id":"GLSA-200705-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128396?format=json","purl":"pkg:deb/debian/samba@3.0.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2444"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wwk6-xbnh-rqfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100633?format=json","vulnerability_id":"VCID-wxjz-mnpb-37b3","summary":"Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2063.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2063.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2063","reference_id":"","reference_type":"","scores":[{"value":"0.77542","scoring_system":"epss","scoring_elements":"0.99005","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2063"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=601419","reference_id":"601419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=601419"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/16860.rb","reference_id":"CVE-2010-2063;OSVDB-65518","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/16860.rb"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0488","reference_id":"RHSA-2010:0488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0488"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128411?format=json","purl":"pkg:deb/debian/samba@2:3.4.0~pre1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.0~pre1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-2063"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxjz-mnpb-37b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100661?format=json","vulnerability_id":"VCID-x55t-cux2-q3gw","summary":"vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5252","reference_id":"","reference_type":"","scores":[{"value":"0.17333","scoring_system":"epss","scoring_elements":"0.95169","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290288","reference_id":"1290288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290288"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5252"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x55t-cux2-q3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97637?format=json","vulnerability_id":"VCID-x9ky-gfg3-hfen","summary":"samba: AD DC admin tool samba-tool sends passwords in cleartext","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0922.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0922","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50271","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0922"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182774","reference_id":"2182774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182774"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128505?format=json","purl":"pkg:deb/debian/samba@2:4.17.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0922"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9ky-gfg3-hfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100631?format=json","vulnerability_id":"VCID-xanm-gdz1-gfb5","summary":"The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1635.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1635.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1635","reference_id":"","reference_type":"","scores":[{"value":"0.12656","scoring_system":"epss","scoring_elements":"0.94105","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1635"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=594921","reference_id":"594921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=594921"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128409?format=json","purl":"pkg:deb/debian/samba@2:3.6.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-1635"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xanm-gdz1-gfb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97635?format=json","vulnerability_id":"VCID-xmpf-4zxw-dybe","summary":"samba: AD DC \"dnsHostname\" attribute can be deleted by unprivileged authenticated users","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0225.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0225","reference_id":"","reference_type":"","scores":[{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61805","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182772","reference_id":"2182772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182772"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128505?format=json","purl":"pkg:deb/debian/samba@2:4.17.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0225"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmpf-4zxw-dybe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100728?format=json","vulnerability_id":"VCID-xt8n-4rnc-b7fs","summary":"In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1615.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1615","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4951","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1615"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021024","reference_id":"1021024","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021024"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122649","reference_id":"2122649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122649"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2519","reference_id":"RHSA-2023:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2987","reference_id":"RHSA-2023:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0423","reference_id":"RHSA-2024:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0423"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128495?format=json","purl":"pkg:deb/debian/samba@2:4.16.5%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.5%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-1615"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xt8n-4rnc-b7fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100598?format=json","vulnerability_id":"VCID-xtkd-zzyu-6ueq","summary":"The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0808.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0808","reference_id":"","reference_type":"","scores":[{"value":"0.07869","scoring_system":"epss","scoring_elements":"0.92154","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0808"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617298","reference_id":"1617298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:467","reference_id":"RHSA-2004:467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128377?format=json","purl":"pkg:deb/debian/samba@3.0.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0808"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtkd-zzyu-6ueq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100646?format=json","vulnerability_id":"VCID-xuz4-gmed-afb7","summary":"The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 before 1.3.2.3 and 1.4 before 1.4.0.1 and possibly other products, does not properly enforce CIFS share attributes, which allows remote authenticated users to (1) write to a read-only share; (2) trigger data-integrity problems related to the oplock, locking, coherency, or leases attribute; or (3) have an unspecified impact by leveraging incorrect handling of the browseable or \"hide unreadable\" parameter.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0454.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0454.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0454","reference_id":"","reference_type":"","scores":[{"value":"0.01878","scoring_system":"epss","scoring_elements":"0.83482","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=928419","reference_id":"928419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=928419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128423?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0454"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuz4-gmed-afb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100686?format=json","vulnerability_id":"VCID-xvjy-amhr-z3d8","summary":"Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2619","reference_id":"","reference_type":"","scores":[{"value":"0.47493","scoring_system":"epss","scoring_elements":"0.97756","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429472","reference_id":"1429472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429472"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1039","reference_id":"CVE-2017-2619","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1039"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt","reference_id":"CVE-2017-2619","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2338","reference_id":"RHSA-2017:2338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2778","reference_id":"RHSA-2017:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2789","reference_id":"RHSA-2017:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2789"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128449?format=json","purl":"pkg:deb/debian/samba@2:4.5.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2017-2619"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjy-amhr-z3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3642?format=json","vulnerability_id":"VCID-y3rv-fdkr-qyd2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0336","reference_id":"","reference_type":"","scores":[{"value":"0.00382","scoring_system":"epss","scoring_elements":"0.59871","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0336"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694","reference_id":"1004694","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046134","reference_id":"2046134","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046134"},{"reference_url":"https://security.archlinux.org/AVG-2648","reference_id":"AVG-2648","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2648"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128493?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128489?format=json","purl":"pkg:deb/debian/samba@2:4.16.0%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.16.0%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2022-0336"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3rv-fdkr-qyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100589?format=json","vulnerability_id":"VCID-y75k-dzty-6qcf","summary":"The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0086.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0086","reference_id":"","reference_type":"","scores":[{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55753","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616964","reference_id":"1616964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:095","reference_id":"RHSA-2003:095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:096","reference_id":"RHSA-2003:096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:226","reference_id":"RHSA-2003:226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128371?format=json","purl":"pkg:deb/debian/samba@2.2.8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2003-0086"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y75k-dzty-6qcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93136?format=json","vulnerability_id":"VCID-ymgt-p34u-k3cp","summary":"samba: heap buffer overflow with freshness tokens in the Heimdal KDC","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5568.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5568.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245174","reference_id":"2245174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245174"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128376?format=json","purl":"pkg:deb/debian/samba@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128508?format=json","purl":"pkg:deb/debian/samba@2:4.19.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.19.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5568"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymgt-p34u-k3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100628?format=json","vulnerability_id":"VCID-ypx9-qgwf-5qan","summary":"smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0728.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0728","reference_id":"","reference_type":"","scores":[{"value":"0.01631","scoring_system":"epss","scoring_elements":"0.8224","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0728"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573223","reference_id":"573223","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573223"},{"reference_url":"https://security.gentoo.org/glsa/201206-22","reference_id":"GLSA-201206-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-22"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128407?format=json","purl":"pkg:deb/debian/samba@2:3.4.7~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.4.7~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0728"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ypx9-qgwf-5qan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100671?format=json","vulnerability_id":"VCID-yt92-mfwy-z7er","summary":"The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"client ldap sasl wrapping\" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2112","reference_id":"","reference_type":"","scores":[{"value":"0.16609","scoring_system":"epss","scoring_elements":"0.95043","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311903","reference_id":"1311903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311903"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128438?format=json","purl":"pkg:deb/debian/samba@2:4.3.7%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.3.7%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2112"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100705?format=json","vulnerability_id":"VCID-ytdy-akzb-a7e1","summary":"All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14861","reference_id":"","reference_type":"","scores":[{"value":"0.04997","scoring_system":"epss","scoring_elements":"0.89881","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1778586","reference_id":"1778586","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1778586"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128466?format=json","purl":"pkg:deb/debian/samba@2:4.11.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.11.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14861"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytdy-akzb-a7e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100644?format=json","vulnerability_id":"VCID-yvqm-ryuz-jqdu","summary":"The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0213.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0213","reference_id":"","reference_type":"","scores":[{"value":"0.11126","scoring_system":"epss","scoring_elements":"0.93611","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0213"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=905700","reference_id":"905700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=905700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1310","reference_id":"RHSA-2013:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1542","reference_id":"RHSA-2013:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0305","reference_id":"RHSA-2014:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128421?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0213"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvqm-ryuz-jqdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72442?format=json","vulnerability_id":"VCID-yxjb-u3xu-9kcc","summary":"A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16860.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16860.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16860","reference_id":"","reference_type":"","scores":[{"value":"0.01169","scoring_system":"epss","scoring_elements":"0.78998","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16860"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705877","reference_id":"1705877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1705877"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928966","reference_id":"928966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928966"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128461?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-16860"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxjb-u3xu-9kcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100601?format=json","vulnerability_id":"VCID-z5cg-wngn-47a4","summary":"Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small \"maximum data bytes\" value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0882.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0882.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0882","reference_id":"","reference_type":"","scores":[{"value":"0.46754","scoring_system":"epss","scoring_elements":"0.97727","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0882"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617311","reference_id":"1617311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:632","reference_id":"RHSA-2004:632","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:632"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128377?format=json","purl":"pkg:deb/debian/samba@3.0.7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0882"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5cg-wngn-47a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100695?format=json","vulnerability_id":"VCID-zcfp-hhne-tuf2","summary":"A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1140","reference_id":"","reference_type":"","scores":[{"value":"0.14432","scoring_system":"epss","scoring_elements":"0.94554","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1580230","reference_id":"1580230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1580230"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128457?format=json","purl":"pkg:deb/debian/samba@2:4.8.4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.8.4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2018-1140"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zcfp-hhne-tuf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100662?format=json","vulnerability_id":"VCID-zfyb-9wrs-eyfx","summary":"Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5296","reference_id":"","reference_type":"","scores":[{"value":"0.03652","scoring_system":"epss","scoring_elements":"0.88073","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290292","reference_id":"1290292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290292"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128437?format=json","purl":"pkg:deb/debian/samba@2:4.1.22%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.22%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5296"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyb-9wrs-eyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100616?format=json","vulnerability_id":"VCID-zgya-jhhp-9ue4","summary":"Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5398.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5398","reference_id":"","reference_type":"","scores":[{"value":"0.40715","scoring_system":"epss","scoring_elements":"0.97444","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5398"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=358831","reference_id":"358831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=358831"},{"reference_url":"https://security.gentoo.org/glsa/200711-29","reference_id":"GLSA-200711-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1013","reference_id":"RHSA-2007:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1016","reference_id":"RHSA-2007:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1017","reference_id":"RHSA-2007:1017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1034","reference_id":"RHSA-2007:1034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1034"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128398?format=json","purl":"pkg:deb/debian/samba@3.0.27-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@3.0.27-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128365?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tc4-e6tj-3qfa"},{"vulnerability":"VCID-7n9k-74nf-ayah"},{"vulnerability":"VCID-7rsk-suge-a7b4"},{"vulnerability":"VCID-8jp7-e281-tqha"},{"vulnerability":"VCID-8yq8-wp1b-p7gt"},{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-9kyr-nxjs-xkaw"},{"vulnerability":"VCID-afjh-h9hy-u7dz"},{"vulnerability":"VCID-atg1-qx5q-hfdu"},{"vulnerability":"VCID-bkse-muh9-t7a8"},{"vulnerability":"VCID-e2b4-vjgq-sbdq"},{"vulnerability":"VCID-fb3p-pr3k-wbhj"},{"vulnerability":"VCID-fj5p-xkmp-vken"},{"vulnerability":"VCID-gec9-c1be-dkba"},{"vulnerability":"VCID-gx57-3mtp-hqdh"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-j358-djx5-8qdw"},{"vulnerability":"VCID-mnnu-hrtz-uyeg"},{"vulnerability":"VCID-mtrk-m8jm-gyfg"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-wc2t-bbf1-mua5"},{"vulnerability":"VCID-x9ky-gfg3-hfen"},{"vulnerability":"VCID-xmpf-4zxw-dybe"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"},{"vulnerability":"VCID-zx6s-p6p1-z7ft"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2007-5398"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgya-jhhp-9ue4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59903?format=json","vulnerability_id":"VCID-zx6s-p6p1-z7ft","summary":"samba: Remote Code Execution in SAMR","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4408.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4408.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479762","reference_id":"2479762","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22644","reference_id":"RHSA-2026:22644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22963","reference_id":"RHSA-2026:22963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22963"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128363?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128367?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128513?format=json","purl":"pkg:deb/debian/samba@2:4.22.8%2Bdfsg-0%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.22.8%252Bdfsg-0%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/128366?format=json","purl":"pkg:deb/debian/samba@2:4.24.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2026-4408"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zx6s-p6p1-z7ft"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.24.3%252Bdfsg-1%3Fdistro=trixie"}