{"url":"http://public2.vulnerablecode.io/api/packages/333012?format=json","purl":"pkg:apk/alpine/samba@4.10.5-r0?arch=riscv64&distroversion=v3.23&reponame=main","type":"apk","namespace":"alpine","name":"samba","version":"4.10.5-r0","qualifiers":{"arch":"riscv64","distroversion":"v3.23","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.10.8-r0","latest_non_vulnerable_version":"4.22.10-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100702?format=json","vulnerability_id":"VCID-emy1-4uv9-4kfn","summary":"Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12436.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12436.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12436","reference_id":"","reference_type":"","scores":[{"value":"0.02349","scoring_system":"epss","scoring_elements":"0.8519","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02349","scoring_system":"epss","scoring_elements":"0.85215","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02349","scoring_system":"epss","scoring_elements":"0.8522","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02349","scoring_system":"epss","scoring_elements":"0.85214","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12436"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711837","reference_id":"1711837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711837"},{"reference_url":"https://usn.ubuntu.com/4018-1/","reference_id":"USN-4018-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4018-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/333012?format=json","purl":"pkg:apk/alpine/samba@4.10.5-r0?arch=riscv64&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.10.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2019-12436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emy1-4uv9-4kfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100701?format=json","vulnerability_id":"VCID-mktu-yt4c-tkfq","summary":"Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12435","reference_id":"","reference_type":"","scores":[{"value":"0.03816","scoring_system":"epss","scoring_elements":"0.88321","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03816","scoring_system":"epss","scoring_elements":"0.88339","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03816","scoring_system":"epss","scoring_elements":"0.88341","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03816","scoring_system":"epss","scoring_elements":"0.8834","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12435"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711816","reference_id":"1711816","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1711816"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748","reference_id":"930748","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748"},{"reference_url":"https://usn.ubuntu.com/4018-1/","reference_id":"USN-4018-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4018-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/333012?format=json","purl":"pkg:apk/alpine/samba@4.10.5-r0?arch=riscv64&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.10.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2019-12435"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mktu-yt4c-tkfq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.10.5-r0%3Farch=riscv64&distroversion=v3.23&reponame=main"}