Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/samba@3.6.23-25?arch=el6_7

Type rpm

Namespace redhat

Name samba

Version 3.6.23-25

Qualifiers

arch	el6_7

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-94d3-5rgf-x3dh

vulnerability_id

VCID-94d3-5rgf-x3dh

summary

The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7560

reference_id

reference_type

scores

value	0.03995
scoring_system	epss
scoring_elements	0.88627
published_at	2026-06-04T12:55:00Z

value	0.03995
scoring_system	epss
scoring_elements	0.88644
published_at	2026-06-07T12:55:00Z

value	0.03995
scoring_system	epss
scoring_elements	0.88646
published_at	2026-06-06T12:55:00Z

value	0.03995
scoring_system	epss
scoring_elements	0.88643
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7560

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1309992
reference_id	1309992
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1309992

reference_url	https://access.redhat.com/errata/RHSA-2016:0447
reference_id	RHSA-2016:0447
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0447

reference_url	https://access.redhat.com/errata/RHSA-2016:0448
reference_id	RHSA-2016:0448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0448

reference_url	https://access.redhat.com/errata/RHSA-2016:0449
reference_id	RHSA-2016:0449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0449

reference_url	https://usn.ubuntu.com/2922-1/
reference_id	USN-2922-1
reference_type
scores
url	https://usn.ubuntu.com/2922-1/

fixed_packages

aliases

CVE-2015-7560

risk_score

1.2

exploitability

0.5

weighted_severity

2.5

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh

Fixing_vulnerabilities

Risk_score 1.2

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/samba@3.6.23-25%3Farch=el6_7

Package Instance