Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/371050?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/371050?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.4-4", "type": "alpm", "namespace": "archlinux", "name": "samba", "version": "4.17.4-4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.17.5-1", "latest_non_vulnerable_version": "4.22.2-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47300?format=api", "vulnerability_id": "VCID-3du2-evy8-jfa1", "summary": "Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.92245", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.9225", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.08257", "scoring_system": "epss", "scoring_elements": "0.92249", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92555", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92549", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92545", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92535", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92524", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.92515", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.08734", "scoring_system": "epss", "scoring_elements": "0.9258", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.9254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92575", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92564", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92558", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92553", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08889", "scoring_system": "epss", "scoring_elements": "0.92542", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187", "reference_id": "1024187", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267", "reference_id": "1024267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960", "reference_id": "2140960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140960" }, { "reference_url": "https://web.mit.edu/kerberos/advisories/", "reference_id": "advisories", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/advisories/" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-42898.html", "reference_id": "CVE-2022-42898.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-42898.html" }, { "reference_url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_id": "ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583" }, { "reference_url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c", "reference_id": "GHSA-64mq-fvfj-5x3c", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.gentoo.org/glsa/202310-06" }, { "reference_url": "https://security.gentoo.org/glsa/202405-11", "reference_id": "GLSA-202405-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-11" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.19/", "reference_id": "krb5-1.19", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.19/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0008/", "reference_id": "ntap-20230216-0008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230223-0001/", "reference_id": "ntap-20230223-0001", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230223-0001/" }, { "reference_url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt", "reference_id": "README-1.20.1.txt", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8637", "reference_id": "RHSA-2022:8637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8638", "reference_id": "RHSA-2022:8638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8639", "reference_id": "RHSA-2022:8639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8640", "reference_id": "RHSA-2022:8640", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8640" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8641", "reference_id": "RHSA-2022:8641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8641" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8648", "reference_id": "RHSA-2022:8648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8662", "reference_id": "RHSA-2022:8662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8663", "reference_id": "RHSA-2022:8663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8669", "reference_id": "RHSA-2022:8669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9029", "reference_id": "RHSA-2022:9029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9029" }, { "reference_url": "https://bugzilla.samba.org/show_bug.cgi?id=15203", "reference_id": "show_bug.cgi?id=15203", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/" } ], "url": "https://bugzilla.samba.org/show_bug.cgi?id=15203" }, { "reference_url": "https://usn.ubuntu.com/5800-1/", "reference_id": "USN-5800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5800-1/" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5828-1/", "reference_id": "USN-5828-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5828-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-42898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3du2-evy8-jfa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48502?format=api", "vulnerability_id": "VCID-5cd3-497h-qkhw", "summary": "Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57789", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.5773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57804", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64514", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64376", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64421", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64467", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64436", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64461", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.6515", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65162", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65134", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65149", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65163", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38023" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154362", "reference_id": "2154362", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154362" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0637", "reference_id": "RHSA-2023:0637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0638", "reference_id": "RHSA-2023:0638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0639", "reference_id": "RHSA-2023:0639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0838", "reference_id": "RHSA-2023:0838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1090", "reference_id": "RHSA-2023:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2127", "reference_id": "RHSA-2023:2127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2136", "reference_id": "RHSA-2023:2136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2137", "reference_id": "RHSA-2023:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3491", "reference_id": "RHSA-2023:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3491" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-38023" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5cd3-497h-qkhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48503?format=api", "vulnerability_id": "VCID-7xdg-sn88-bkbs", "summary": "Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45141.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45141.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71534", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71425", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71412", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71448", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71483", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71449", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71478", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.7129", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71308", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.7136", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71374", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71381", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71413", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0067", "scoring_system": "epss", "scoring_elements": "0.71421", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45141" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45141" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154376", "reference_id": "2154376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154376" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-45141.html", "reference_id": "CVE-2022-45141.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-06T20:38:03Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-45141.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-06T20:38:03Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-45141" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xdg-sn88-bkbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48501?format=api", "vulnerability_id": "VCID-84q8-2457-qkc5", "summary": "Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86663", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86605", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86622", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86618", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86629", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86492", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86511", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.8652", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86535", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86532", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86541", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86547", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.8654", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86558", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86567", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86566", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02981", "scoring_system": "epss", "scoring_elements": "0.86587", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37967" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154320", "reference_id": "2154320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154320" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967", "reference_id": "CVE-2022-37967", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T13:57:00Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-37967" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84q8-2457-qkc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266406?format=api", "vulnerability_id": "VCID-g5j1-tqrd-nkan", "summary": "A vulnerability classified as critical was found in SourceCodester Human Resource Management System 1.0. This vulnerability affects unknown code of the component Profile Photo Handler. The manipulation of the argument parameter leads to os command injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-210772.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75746", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75736", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77172", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77173", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77199", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77206", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77221", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77225", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77254", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77275", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77264", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77281", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77327", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77119", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01013", "scoring_system": "epss", "scoring_elements": "0.77129", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3492" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-3492" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g5j1-tqrd-nkan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48490?format=api", "vulnerability_id": "VCID-s2ne-rcp3-nbgz", "summary": "Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72746", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72529", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7256", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72572", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72579", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72568", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72621", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72612", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72654", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72663", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72659", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7265", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72681", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72705", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72668", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72694", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72545", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72522", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/02/08/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/02/08/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187", "reference_id": "1024187", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137774", "reference_id": "2137774", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137774" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-3437", "reference_id": "CVE-2022-3437", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-3437" }, { "reference_url": "https://www.samba.org/samba/security/CVE-2022-3437.html", "reference_id": "CVE-2022-3437.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://www.samba.org/samba/security/CVE-2022-3437.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://security.gentoo.org/glsa/202310-06", "reference_id": "GLSA-202310-06", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.gentoo.org/glsa/202310-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0008/", "reference_id": "ntap-20230216-0008", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230216-0008/" }, { "reference_url": "https://usn.ubuntu.com/5800-1/", "reference_id": "USN-5800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5800-1/" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" }, { "reference_url": "https://usn.ubuntu.com/7582-1/", "reference_id": "USN-7582-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7582-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-3437" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s2ne-rcp3-nbgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48500?format=api", "vulnerability_id": "VCID-xmn1-g72k-8qcq", "summary": "Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80452", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80383", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80401", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80395", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80411", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80235", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80252", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80262", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.8028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80265", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80259", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80291", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80295", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80321", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80327", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80345", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.8036", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37966" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154303", "reference_id": "2154303", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154303" }, { "reference_url": "https://security.archlinux.org/AVG-2828", "reference_id": "AVG-2828", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2828" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966", "reference_id": "CVE-2022-37966", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T13:50:56Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966" }, { "reference_url": "https://security.gentoo.org/glsa/202309-06", "reference_id": "GLSA-202309-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-06" }, { "reference_url": "https://usn.ubuntu.com/5822-1/", "reference_id": "USN-5822-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5822-1/" }, { "reference_url": "https://usn.ubuntu.com/5936-1/", "reference_id": "USN-5936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371051?format=api", "purl": "pkg:alpm/archlinux/samba@4.17.5-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.5-1" } ], "aliases": [ "CVE-2022-37966" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xmn1-g72k-8qcq" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/samba@4.17.4-4" }