Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/libldb@1.1.25-1?arch=el7_1

Type rpm

Namespace redhat

Name libldb

Version 1.1.25-1

Qualifiers

arch	el7_1

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-8tyg-f73c-zuh3

vulnerability_id VCID-8tyg-f73c-zuh3

summary Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2115

reference_id

reference_type

scores

value	0.22744
scoring_system	epss
scoring_elements	0.95973
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1312084
reference_id	1312084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1312084

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

fixed_packages

aliases CVE-2016-2115

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3

url VCID-eaxm-5jgj-eqcg

vulnerability_id VCID-eaxm-5jgj-eqcg

summary The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2111

reference_id

reference_type

scores

value	0.02808
scoring_system	epss
scoring_elements	0.864
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1311902
reference_id	1311902
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1311902

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0621
reference_id	RHSA-2016:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0621

reference_url	https://access.redhat.com/errata/RHSA-2016:0623
reference_id	RHSA-2016:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0623

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

reference_url	https://access.redhat.com/errata/RHSA-2016:0625
reference_id	RHSA-2016:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0625

fixed_packages

aliases CVE-2016-2111

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg

url VCID-p4mk-1t9q-sbb3

vulnerability_id VCID-p4mk-1t9q-sbb3

summary The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2114

reference_id

reference_type

scores

value	0.05863
scoring_system	epss
scoring_elements	0.90727
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1312082
reference_id	1312082
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1312082

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

fixed_packages

aliases CVE-2016-2114

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3

url VCID-vtne-we7s-tuet

vulnerability_id VCID-vtne-we7s-tuet

summary The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2110

reference_id

reference_type

scores

value	0.17748
scoring_system	epss
scoring_elements	0.95244
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1311893
reference_id	1311893
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1311893

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0611
reference_id	RHSA-2016:0611
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0611

reference_url	https://access.redhat.com/errata/RHSA-2016:0612
reference_id	RHSA-2016:0612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0612

reference_url	https://access.redhat.com/errata/RHSA-2016:0613
reference_id	RHSA-2016:0613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0613

reference_url	https://access.redhat.com/errata/RHSA-2016:0614
reference_id	RHSA-2016:0614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0614

reference_url	https://access.redhat.com/errata/RHSA-2016:0618
reference_id	RHSA-2016:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0618

reference_url	https://access.redhat.com/errata/RHSA-2016:0619
reference_id	RHSA-2016:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0619

reference_url	https://access.redhat.com/errata/RHSA-2016:0620
reference_id	RHSA-2016:0620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0620

reference_url	https://access.redhat.com/errata/RHSA-2016:0621
reference_id	RHSA-2016:0621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0621

reference_url	https://access.redhat.com/errata/RHSA-2016:0623
reference_id	RHSA-2016:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0623

reference_url	https://access.redhat.com/errata/RHSA-2016:0624
reference_id	RHSA-2016:0624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0624

reference_url	https://access.redhat.com/errata/RHSA-2016:0625
reference_id	RHSA-2016:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0625

fixed_packages

aliases CVE-2016-2110

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libldb@1.1.25-1%3Farch=el7_1

Package Instance