Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/libldb@1.1.20-1.el7_2?arch=2

Type rpm

Namespace redhat

Name libldb

Version 1.1.20-1.el7_2

Qualifiers

arch	2

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-68mw-cr8k-qfgs

vulnerability_id VCID-68mw-cr8k-qfgs

summary ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5330

reference_id

reference_type

scores

value	0.01625
scoring_system	epss
scoring_elements	0.82196
published_at	2026-06-04T12:55:00Z

value	0.01625
scoring_system	epss
scoring_elements	0.82225
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1281326
reference_id	1281326
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1281326

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0006
reference_id	RHSA-2016:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0006

reference_url	https://access.redhat.com/errata/RHSA-2016:0009
reference_id	RHSA-2016:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0009

reference_url	https://access.redhat.com/errata/RHSA-2016:0010
reference_id	RHSA-2016:0010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0010

reference_url	https://access.redhat.com/errata/RHSA-2016:0014
reference_id	RHSA-2016:0014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0014

reference_url	https://access.redhat.com/errata/RHSA-2016:0015
reference_id	RHSA-2016:0015
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0015

reference_url	https://access.redhat.com/errata/RHSA-2016:0016
reference_id	RHSA-2016:0016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0016

reference_url	https://usn.ubuntu.com/2855-1/
reference_id	USN-2855-1
reference_type
scores
url	https://usn.ubuntu.com/2855-1/

reference_url	https://usn.ubuntu.com/2856-1/
reference_id	USN-2856-1
reference_type
scores
url	https://usn.ubuntu.com/2856-1/

fixed_packages

aliases CVE-2015-5330

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs

url

VCID-tyhs-5xjv-c7b5

vulnerability_id

VCID-tyhs-5xjv-c7b5

summary

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3223

reference_id

reference_type

scores

value	0.20255
scoring_system	epss
scoring_elements	0.95629
published_at	2026-06-04T12:55:00Z

value	0.20255
scoring_system	epss
scoring_elements	0.95635
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1290287
reference_id	1290287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1290287

reference_url	https://security.gentoo.org/glsa/201612-47
reference_id	GLSA-201612-47
reference_type
scores
url	https://security.gentoo.org/glsa/201612-47

reference_url	https://access.redhat.com/errata/RHSA-2016:0009
reference_id	RHSA-2016:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0009

reference_url	https://access.redhat.com/errata/RHSA-2016:0014
reference_id	RHSA-2016:0014
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0014

reference_url	https://usn.ubuntu.com/2855-1/
reference_id	USN-2855-1
reference_type
scores
url	https://usn.ubuntu.com/2855-1/

reference_url	https://usn.ubuntu.com/2856-1/
reference_id	USN-2856-1
reference_type
scores
url	https://usn.ubuntu.com/2856-1/

fixed_packages

aliases

CVE-2015-3223

risk_score

0.1

exploitability

0.5

weighted_severity

0.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5

Fixing_vulnerabilities

Risk_score 0.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libldb@1.1.20-1.el7_2%3Farch=2

Package Instance