Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
Typeapk
Namespacealpine
Namesamba
Version4.7.0-r0
Qualifiers
arch armhf
distroversion edge
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.7.3-r0
Latest_non_vulnerable_version4.23.8-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-44hn-cr8c-akft
vulnerability_id VCID-44hn-cr8c-akft
summary It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12150
reference_id
reference_type
scores
0
value 0.221
scoring_system epss
scoring_elements 0.95905
published_at 2026-06-08T12:55:00Z
1
value 0.221
scoring_system epss
scoring_elements 0.95897
published_at 2026-06-04T12:55:00Z
2
value 0.221
scoring_system epss
scoring_elements 0.95901
published_at 2026-06-05T12:55:00Z
3
value 0.221
scoring_system epss
scoring_elements 0.95904
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12150
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv2
scoring_elements AV:A/AC:H/Au:N/C:C/I:C/A:N
1
value 8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1488400
reference_id 1488400
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1488400
7
reference_url https://access.redhat.com/errata/RHSA-2017:2789
reference_id RHSA-2017:2789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2789
8
reference_url https://access.redhat.com/errata/RHSA-2017:2790
reference_id RHSA-2017:2790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2790
9
reference_url https://access.redhat.com/errata/RHSA-2017:2791
reference_id RHSA-2017:2791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2791
10
reference_url https://access.redhat.com/errata/RHSA-2017:2858
reference_id RHSA-2017:2858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2858
11
reference_url https://usn.ubuntu.com/3426-1/
reference_id USN-3426-1
reference_type
scores
url https://usn.ubuntu.com/3426-1/
12
reference_url https://usn.ubuntu.com/3426-2/
reference_id USN-3426-2
reference_type
scores
url https://usn.ubuntu.com/3426-2/
fixed_packages
0
url pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
purl pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.7.0-r0%3Farch=armhf&distroversion=edge&reponame=main
aliases CVE-2017-12150
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44hn-cr8c-akft
1
url VCID-e45f-ty2v-g7g8
vulnerability_id VCID-e45f-ty2v-g7g8
summary A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12151
reference_id
reference_type
scores
0
value 0.04146
scoring_system epss
scoring_elements 0.88867
published_at 2026-06-07T12:55:00Z
1
value 0.04146
scoring_system epss
scoring_elements 0.88852
published_at 2026-06-04T12:55:00Z
2
value 0.04146
scoring_system epss
scoring_elements 0.88869
published_at 2026-06-06T12:55:00Z
3
value 0.05265
scoring_system epss
scoring_elements 0.90173
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12151
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv2
scoring_elements AV:A/AC:M/Au:N/C:C/I:C/A:N
1
value 8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1488197
reference_id 1488197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1488197
7
reference_url https://access.redhat.com/errata/RHSA-2017:2790
reference_id RHSA-2017:2790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2790
8
reference_url https://access.redhat.com/errata/RHSA-2017:2858
reference_id RHSA-2017:2858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2858
9
reference_url https://usn.ubuntu.com/3426-1/
reference_id USN-3426-1
reference_type
scores
url https://usn.ubuntu.com/3426-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
purl pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.7.0-r0%3Farch=armhf&distroversion=edge&reponame=main
aliases CVE-2017-12151
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e45f-ty2v-g7g8
2
url VCID-nazc-kauc-rqb6
vulnerability_id VCID-nazc-kauc-rqb6
summary An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12163
reference_id
reference_type
scores
0
value 0.41375
scoring_system epss
scoring_elements 0.97477
published_at 2026-06-04T12:55:00Z
1
value 0.41375
scoring_system epss
scoring_elements 0.97483
published_at 2026-06-07T12:55:00Z
2
value 0.41375
scoring_system epss
scoring_elements 0.97484
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12163
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1491206
reference_id 1491206
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1491206
7
reference_url https://access.redhat.com/errata/RHSA-2017:2789
reference_id RHSA-2017:2789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2789
8
reference_url https://access.redhat.com/errata/RHSA-2017:2790
reference_id RHSA-2017:2790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2790
9
reference_url https://access.redhat.com/errata/RHSA-2017:2791
reference_id RHSA-2017:2791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2791
10
reference_url https://access.redhat.com/errata/RHSA-2017:2858
reference_id RHSA-2017:2858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2858
11
reference_url https://usn.ubuntu.com/3426-1/
reference_id USN-3426-1
reference_type
scores
url https://usn.ubuntu.com/3426-1/
12
reference_url https://usn.ubuntu.com/3426-2/
reference_id USN-3426-2
reference_type
scores
url https://usn.ubuntu.com/3426-2/
fixed_packages
0
url pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
purl pkg:apk/alpine/samba@4.7.0-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.7.0-r0%3Farch=armhf&distroversion=edge&reponame=main
aliases CVE-2017-12163
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nazc-kauc-rqb6
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.7.0-r0%3Farch=armhf&distroversion=edge&reponame=main