{"url":"http://public2.vulnerablecode.io/api/packages/4424?format=json","purl":"pkg:deb/debian/samba@2.2.3a-15","type":"deb","namespace":"debian","name":"samba","version":"2.2.3a-15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2:4.17.12+dfsg-0+deb12u2","latest_non_vulnerable_version":"2:4.17.12+dfsg-0+deb12u2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3643?format=json","vulnerability_id":"VCID-1yzz-fu2r-rqgy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44142","reference_id":"","reference_type":"","scores":[{"value":"0.35695","scoring_system":"epss","scoring_elements":"0.97161","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693","reference_id":"1004693","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046146","reference_id":"2046146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2046146"},{"reference_url":"https://security.archlinux.org/AVG-2648","reference_id":"AVG-2648","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2648"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0328","reference_id":"RHSA-2022:0328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0329","reference_id":"RHSA-2022:0329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0330","reference_id":"RHSA-2022:0330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0331","reference_id":"RHSA-2022:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0332","reference_id":"RHSA-2022:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0457","reference_id":"RHSA-2022:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0458","reference_id":"RHSA-2022:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0663","reference_id":"RHSA-2022:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0664","reference_id":"RHSA-2022:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2021-44142"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6202?format=json","vulnerability_id":"VCID-26vq-jj49-byez","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16841","reference_id":"","reference_type":"","scores":[{"value":"0.09452","scoring_system":"epss","scoring_elements":"0.92965","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642545","reference_id":"1642545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642545"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-16841"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26vq-jj49-byez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6201?format=json","vulnerability_id":"VCID-35qh-y7xf-nkdn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16851","reference_id":"","reference_type":"","scores":[{"value":"0.08925","scoring_system":"epss","scoring_elements":"0.92732","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646377","reference_id":"1646377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646377"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-16851"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35qh-y7xf-nkdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4311?format=json","vulnerability_id":"VCID-3ddh-cm8f-nuf2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1050","reference_id":"","reference_type":"","scores":[{"value":"0.19654","scoring_system":"epss","scoring_elements":"0.95539","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1538771","reference_id":"1538771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1538771"},{"reference_url":"https://security.archlinux.org/ASA-201803-10","reference_id":"ASA-201803-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-10"},{"reference_url":"https://security.archlinux.org/AVG-651","reference_id":"AVG-651","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-651"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1860","reference_id":"RHSA-2018:1860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1883","reference_id":"RHSA-2018:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2612","reference_id":"RHSA-2018:2612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2613","reference_id":"RHSA-2018:2613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3056","reference_id":"RHSA-2018:3056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3056"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-1050"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100665?format=json","vulnerability_id":"VCID-4pjr-6tfv-hqgu","summary":"The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7540","reference_id":"","reference_type":"","scores":[{"value":"0.39597","scoring_system":"epss","scoring_elements":"0.97384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1288451","reference_id":"1288451","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1288451"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-7540"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pjr-6tfv-hqgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7023?format=json","vulnerability_id":"VCID-5tub-1spq-b7c7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25719","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43839","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019732","reference_id":"2019732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019732"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5142","reference_id":"RHSA-2021:5142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5195","reference_id":"RHSA-2021:5195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0007","reference_id":"RHSA-2022:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0076","reference_id":"RHSA-2022:0076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0076"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-25719"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tub-1spq-b7c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6390?format=json","vulnerability_id":"VCID-688u-s2a3-8fha","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15275","reference_id":"","reference_type":"","scores":[{"value":"0.4327","scoring_system":"epss","scoring_elements":"0.97572","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1512465","reference_id":"1512465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1512465"},{"reference_url":"https://security.archlinux.org/ASA-201712-1","reference_id":"ASA-201712-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-1"},{"reference_url":"https://security.archlinux.org/AVG-535","reference_id":"AVG-535","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-535"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3260","reference_id":"RHSA-2017:3260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3261","reference_id":"RHSA-2017:3261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3278","reference_id":"RHSA-2017:3278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2017-15275"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75219?format=json","vulnerability_id":"VCID-68mw-cr8k-qfgs","summary":"ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5330","reference_id":"","reference_type":"","scores":[{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.82196","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281326","reference_id":"1281326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281326"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0009","reference_id":"RHSA-2016:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0014","reference_id":"RHSA-2016:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-5330"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68mw-cr8k-qfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100668?format=json","vulnerability_id":"VCID-6pd7-pxth-3faj","summary":"The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0771","reference_id":"","reference_type":"","scores":[{"value":"0.05663","scoring_system":"epss","scoring_elements":"0.90536","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309978","reference_id":"1309978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309978"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2016-0771"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pd7-pxth-3faj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100649?format=json","vulnerability_id":"VCID-6y1r-n3tf-qbfy","summary":"Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4475","reference_id":"","reference_type":"","scores":[{"value":"0.06902","scoring_system":"epss","scoring_elements":"0.91547","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024542","reference_id":"1024542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1024542"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1806","reference_id":"RHSA-2013:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0009","reference_id":"RHSA-2014:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2013-4475"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6y1r-n3tf-qbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100657?format=json","vulnerability_id":"VCID-82sk-6wse-qkbh","summary":"The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a character-set conversion failure that triggers an invalid pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3493","reference_id":"","reference_type":"","scores":[{"value":"0.02413","scoring_system":"epss","scoring_elements":"0.85384","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108748","reference_id":"1108748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108748"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0866","reference_id":"RHSA-2014:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2014-3493"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-82sk-6wse-qkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100660?format=json","vulnerability_id":"VCID-8hfr-fp5z-s3c1","summary":"The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0240.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0240","reference_id":"","reference_type":"","scores":[{"value":"0.90696","scoring_system":"epss","scoring_elements":"0.99637","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0240"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191325","reference_id":"1191325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191325"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033","reference_id":"779033","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779033"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py","reference_id":"CVE-2015-0240;OSVDB-118637","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/dos/36741.py"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0249","reference_id":"RHSA-2015:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0250","reference_id":"RHSA-2015:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0251","reference_id":"RHSA-2015:0251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0252","reference_id":"RHSA-2015:0252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0253","reference_id":"RHSA-2015:0253","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0253"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0254","reference_id":"RHSA-2015:0254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0255","reference_id":"RHSA-2015:0255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0256","reference_id":"RHSA-2015:0256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0257","reference_id":"RHSA-2015:0257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0257"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-0240"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfr-fp5z-s3c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100675?format=json","vulnerability_id":"VCID-8tyg-f73c-zuh3","summary":"Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2115","reference_id":"","reference_type":"","scores":[{"value":"0.22744","scoring_system":"epss","scoring_elements":"0.95973","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312084","reference_id":"1312084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312084"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2115"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8tyg-f73c-zuh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5845?format=json","vulnerability_id":"VCID-8ztz-2n8a-gqbm","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10730","reference_id":"","reference_type":"","scores":[{"value":"0.03789","scoring_system":"epss","scoring_elements":"0.88279","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849489","reference_id":"1849489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849489"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3118","reference_id":"RHSA-2020:3118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3119","reference_id":"RHSA-2020:3119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4568","reference_id":"RHSA-2020:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4568"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-10730"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6199?format=json","vulnerability_id":"VCID-92g2-se8k-ybh5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16853","reference_id":"","reference_type":"","scores":[{"value":"0.04908","scoring_system":"epss","scoring_elements":"0.89783","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1647246","reference_id":"1647246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1647246"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-16853"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92g2-se8k-ybh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100666?format=json","vulnerability_id":"VCID-94d3-5rgf-x3dh","summary":"The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7560","reference_id":"","reference_type":"","scores":[{"value":"0.03995","scoring_system":"epss","scoring_elements":"0.88627","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309992","reference_id":"1309992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0447","reference_id":"RHSA-2016:0447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0448","reference_id":"RHSA-2016:0448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0449","reference_id":"RHSA-2016:0449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"},{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"}],"aliases":["CVE-2015-7560"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94d3-5rgf-x3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6552?format=json","vulnerability_id":"VCID-apjj-ezss-a3hj","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7494","reference_id":"","reference_type":"","scores":[{"value":"0.94176","scoring_system":"epss","scoring_elements":"0.99922","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450347","reference_id":"1450347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450347"},{"reference_url":"https://security.archlinux.org/ASA-201705-22","reference_id":"ASA-201705-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201705-22"},{"reference_url":"https://security.archlinux.org/AVG-279","reference_id":"AVG-279","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-279"},{"reference_url":"https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://github.com/rapid7/metasploit-framework/blob/ae22b4ccf4a3dde77ec339d83091b057aa7e9a77/modules/exploits/linux/samba/is_known_pipename.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42060.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb","reference_id":"CVE-2017-7494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42084.rb"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1270","reference_id":"RHSA-2017:1270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1271","reference_id":"RHSA-2017:1271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1272","reference_id":"RHSA-2017:1272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1273","reference_id":"RHSA-2017:1273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1390","reference_id":"RHSA-2017:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1390"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"}],"aliases":["CVE-2017-7494"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apjj-ezss-a3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100653?format=json","vulnerability_id":"VCID-b1ja-e7jm-gbhc","summary":"Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain potentially sensitive information from process memory via a (1) FSCTL_GET_SHADOW_COPY_DATA or (2) FSCTL_SRV_ENUMERATE_SNAPSHOTS request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0178","reference_id":"","reference_type":"","scores":[{"value":"0.02302","scoring_system":"epss","scoring_elements":"0.85036","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101992","reference_id":"1101992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101992"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2014-0178"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1ja-e7jm-gbhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4668?format=json","vulnerability_id":"VCID-b9y4-s6nz-kkby","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2123","reference_id":"","reference_type":"","scores":[{"value":"0.00863","scoring_system":"epss","scoring_elements":"0.75432","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1392702","reference_id":"1392702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1392702"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"}],"aliases":["CVE-2016-2123"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9y4-s6nz-kkby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100663?format=json","vulnerability_id":"VCID-c99r-m2v5-zqa3","summary":"The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5299.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5299","reference_id":"","reference_type":"","scores":[{"value":"0.09138","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276126","reference_id":"1276126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276126"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"},{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"}],"aliases":["CVE-2015-5299"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c99r-m2v5-zqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6203?format=json","vulnerability_id":"VCID-dtxj-7cam-x3g9","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14629","reference_id":"","reference_type":"","scores":[{"value":"0.08971","scoring_system":"epss","scoring_elements":"0.92753","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625449","reference_id":"1625449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625449"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-14629"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtxj-7cam-x3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7018?format=json","vulnerability_id":"VCID-dzyk-akhc-t7d2","summary":"silent downgrade","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2124","reference_id":"","reference_type":"","scores":[{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72361","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2124"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019660","reference_id":"2019660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019660"},{"reference_url":"https://security.archlinux.org/AVG-2539","reference_id":"AVG-2539","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2539"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4843","reference_id":"RHSA-2021:4843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4844","reference_id":"RHSA-2021:4844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5082","reference_id":"RHSA-2021:5082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5192","reference_id":"RHSA-2021:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0008","reference_id":"RHSA-2022:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0074","reference_id":"RHSA-2022:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0074"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2016-2124"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100670?format=json","vulnerability_id":"VCID-eaxm-5jgj-eqcg","summary":"The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2111","reference_id":"","reference_type":"","scores":[{"value":"0.02808","scoring_system":"epss","scoring_elements":"0.864","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311902","reference_id":"1311902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311902"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2111"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxm-5jgj-eqcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100676?format=json","vulnerability_id":"VCID-egeg-4ds7-d3d1","summary":"The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka \"BADLOCK.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2118","reference_id":"","reference_type":"","scores":[{"value":"0.78522","scoring_system":"epss","scoring_elements":"0.99061","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317990","reference_id":"1317990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317990"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2118"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egeg-4ds7-d3d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100672?format=json","vulnerability_id":"VCID-enbr-g8ae-ubbc","summary":"Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2113","reference_id":"","reference_type":"","scores":[{"value":"0.04197","scoring_system":"epss","scoring_elements":"0.88919","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311910","reference_id":"1311910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311910"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2113"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enbr-g8ae-ubbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100648?format=json","vulnerability_id":"VCID-et6f-6gtc-5ues","summary":"Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4408","reference_id":"","reference_type":"","scores":[{"value":"0.0295","scoring_system":"epss","scoring_elements":"0.86719","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1018032","reference_id":"1018032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1018032"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1805","reference_id":"RHSA-2013:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1806","reference_id":"RHSA-2013:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0009","reference_id":"RHSA-2014:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2013-4408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-et6f-6gtc-5ues"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100656?format=json","vulnerability_id":"VCID-j317-uv8e-6fgn","summary":"The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0244","reference_id":"","reference_type":"","scores":[{"value":"0.20011","scoring_system":"epss","scoring_elements":"0.95588","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1097815","reference_id":"1097815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1097815"},{"reference_url":"https://security.gentoo.org/glsa/201502-15","reference_id":"GLSA-201502-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0866","reference_id":"RHSA-2014:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0867","reference_id":"RHSA-2014:0867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1009","reference_id":"RHSA-2014:1009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1009"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2014-0244"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j317-uv8e-6fgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6391?format=json","vulnerability_id":"VCID-jmm9-r3u7-zufe","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14746","reference_id":"","reference_type":"","scores":[{"value":"0.31253","scoring_system":"epss","scoring_elements":"0.96859","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1511899","reference_id":"1511899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1511899"},{"reference_url":"https://security.archlinux.org/ASA-201712-1","reference_id":"ASA-201712-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-1"},{"reference_url":"https://security.archlinux.org/AVG-535","reference_id":"AVG-535","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-535"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3260","reference_id":"RHSA-2017:3260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3261","reference_id":"RHSA-2017:3261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3278","reference_id":"RHSA-2017:3278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3278"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2017-14746"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4310?format=json","vulnerability_id":"VCID-jnby-fw2x-xyf4","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1057","reference_id":"","reference_type":"","scores":[{"value":"0.07722","scoring_system":"epss","scoring_elements":"0.92075","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553553","reference_id":"1553553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553553"},{"reference_url":"https://security.archlinux.org/ASA-201803-10","reference_id":"ASA-201803-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-10"},{"reference_url":"https://security.archlinux.org/AVG-651","reference_id":"AVG-651","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-651"},{"reference_url":"https://security.gentoo.org/glsa/201805-07","reference_id":"GLSA-201805-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-1057"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jnby-fw2x-xyf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7021?format=json","vulnerability_id":"VCID-kwqt-87ga-1bbn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25722","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61724","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019764","reference_id":"2019764","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019764"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-25722"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kwqt-87ga-1bbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100664?format=json","vulnerability_id":"VCID-m364-w7f6-aug7","summary":"Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consumption), or possibly execute arbitrary code on a client system via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5370","reference_id":"","reference_type":"","scores":[{"value":"0.21108","scoring_system":"epss","scoring_elements":"0.95764","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309987","reference_id":"1309987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2015-5370"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m364-w7f6-aug7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5843?format=json","vulnerability_id":"VCID-m8f3-3jf6-2bdy","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10760","reference_id":"","reference_type":"","scores":[{"value":"0.02353","scoring_system":"epss","scoring_elements":"0.85198","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849509","reference_id":"1849509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849509"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-10760"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f3-3jf6-2bdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5842?format=json","vulnerability_id":"VCID-mxk6-6rwy-hfa3","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14303","reference_id":"","reference_type":"","scores":[{"value":"0.26364","scoring_system":"epss","scoring_elements":"0.96413","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851298","reference_id":"1851298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851298"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-14303"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mxk6-6rwy-hfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4666?format=json","vulnerability_id":"VCID-n6xc-pvqq-9bgs","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2126.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2126","reference_id":"","reference_type":"","scores":[{"value":"0.04506","scoring_system":"epss","scoring_elements":"0.89323","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2126"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403115","reference_id":"1403115","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403115"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0494","reference_id":"RHSA-2017:0494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0495","reference_id":"RHSA-2017:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0662","reference_id":"RHSA-2017:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0744","reference_id":"RHSA-2017:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"}],"aliases":["CVE-2016-2126"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xc-pvqq-9bgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6198?format=json","vulnerability_id":"VCID-njb3-9hmh-s3cg","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16857","reference_id":"","reference_type":"","scores":[{"value":"0.0224","scoring_system":"epss","scoring_elements":"0.84863","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649278","reference_id":"1649278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649278"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-16857"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njb3-9hmh-s3cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100673?format=json","vulnerability_id":"VCID-p4mk-1t9q-sbb3","summary":"The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"server signing = mandatory\" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2114","reference_id":"","reference_type":"","scores":[{"value":"0.05863","scoring_system":"epss","scoring_elements":"0.90727","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312082","reference_id":"1312082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1312082"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2114"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4mk-1t9q-sbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5844?format=json","vulnerability_id":"VCID-qn5w-t24w-xye5","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10745","reference_id":"","reference_type":"","scores":[{"value":"0.19658","scoring_system":"epss","scoring_elements":"0.95539","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849491","reference_id":"1849491","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1849491"},{"reference_url":"https://security.archlinux.org/AVG-1202","reference_id":"AVG-1202","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1202"},{"reference_url":"https://security.gentoo.org/glsa/202007-15","reference_id":"GLSA-202007-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-10745"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn5w-t24w-xye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=json","vulnerability_id":"VCID-r7zv-4yyc-mqeu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25717","reference_id":"","reference_type":"","scores":[{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67053","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25717"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019672","reference_id":"2019672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019672"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4843","reference_id":"RHSA-2021:4843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4844","reference_id":"RHSA-2021:4844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5082","reference_id":"RHSA-2021:5082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5192","reference_id":"RHSA-2021:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0008","reference_id":"RHSA-2022:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0074","reference_id":"RHSA-2022:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0133","reference_id":"RHSA-2022:0133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0443","reference_id":"RHSA-2022:0443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0443"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"},{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-25717"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100667?format=json","vulnerability_id":"VCID-sdjf-rkjd-sudg","summary":"The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8467","reference_id":"","reference_type":"","scores":[{"value":"0.01714","scoring_system":"epss","scoring_elements":"0.82702","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290294","reference_id":"1290294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290294"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-8467"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdjf-rkjd-sudg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6200?format=json","vulnerability_id":"VCID-sg5x-7v6b-ffgk","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16852","reference_id":"","reference_type":"","scores":[{"value":"0.02897","scoring_system":"epss","scoring_elements":"0.86592","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646386","reference_id":"1646386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646386"},{"reference_url":"https://security.archlinux.org/ASA-201811-22","reference_id":"ASA-201811-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-22"},{"reference_url":"https://security.archlinux.org/AVG-823","reference_id":"AVG-823","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-823"},{"reference_url":"https://security.gentoo.org/glsa/202003-52","reference_id":"GLSA-202003-52","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5394?format=json","purl":"pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3"}],"aliases":["CVE-2018-16852"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg5x-7v6b-ffgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7022?format=json","vulnerability_id":"VCID-ssh4-ukvg-5fej","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25721","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58908","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021728","reference_id":"2021728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2021728"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-25721"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssh4-ukvg-5fej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75218?format=json","vulnerability_id":"VCID-tyhs-5xjv-c7b5","summary":"The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3223.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3223","reference_id":"","reference_type":"","scores":[{"value":"0.20255","scoring_system":"epss","scoring_elements":"0.95629","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290287","reference_id":"1290287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290287"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0009","reference_id":"RHSA-2016:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0014","reference_id":"RHSA-2016:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0014"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-3223"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyhs-5xjv-c7b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7024?format=json","vulnerability_id":"VCID-uwmy-xe5s-yubn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25718","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41646","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019726","reference_id":"2019726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019726"},{"reference_url":"https://security.archlinux.org/AVG-2538","reference_id":"AVG-2538","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2538"},{"reference_url":"https://security.gentoo.org/glsa/202309-06","reference_id":"GLSA-202309-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5636?format=json","purl":"pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9cv8-xnmm-cyh8"},{"vulnerability":"VCID-hxfw-6htj-wkhg"},{"vulnerability":"VCID-j1a6-7vhx-sbh7"},{"vulnerability":"VCID-t156-69p4-s7gu"},{"vulnerability":"VCID-usyw-3jt1-xyez"},{"vulnerability":"VCID-xt8n-4rnc-b7fs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6"}],"aliases":["CVE-2020-25718"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwmy-xe5s-yubn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4667?format=json","vulnerability_id":"VCID-vedj-x1yz-3uec","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2125.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2125","reference_id":"","reference_type":"","scores":[{"value":"0.08663","scoring_system":"epss","scoring_elements":"0.92601","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403114","reference_id":"1403114","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1403114"},{"reference_url":"https://security.archlinux.org/ASA-201612-19","reference_id":"ASA-201612-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-19"},{"reference_url":"https://security.archlinux.org/AVG-111","reference_id":"AVG-111","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0494","reference_id":"RHSA-2017:0494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0495","reference_id":"RHSA-2017:0495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0662","reference_id":"RHSA-2017:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0744","reference_id":"RHSA-2017:0744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"},{"url":"http://public2.vulnerablecode.io/api/packages/5042?format=json","purl":"pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2"}],"aliases":["CVE-2016-2125"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vedj-x1yz-3uec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100669?format=json","vulnerability_id":"VCID-vtne-we7s-tuet","summary":"The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2110.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2110","reference_id":"","reference_type":"","scores":[{"value":"0.17748","scoring_system":"epss","scoring_elements":"0.95244","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311893","reference_id":"1311893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311893"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0621","reference_id":"RHSA-2016:0621","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0623","reference_id":"RHSA-2016:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0625","reference_id":"RHSA-2016:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0625"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2110"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtne-we7s-tuet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100661?format=json","vulnerability_id":"VCID-x55t-cux2-q3gw","summary":"vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5252","reference_id":"","reference_type":"","scores":[{"value":"0.17333","scoring_system":"epss","scoring_elements":"0.95169","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290288","reference_id":"1290288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290288"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-5252"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x55t-cux2-q3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100686?format=json","vulnerability_id":"VCID-xvjy-amhr-z3d8","summary":"Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2619","reference_id":"","reference_type":"","scores":[{"value":"0.47493","scoring_system":"epss","scoring_elements":"0.97756","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429472","reference_id":"1429472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429472"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1039","reference_id":"CVE-2017-2619","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1039"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt","reference_id":"CVE-2017-2619","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/41740.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1265","reference_id":"RHSA-2017:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2338","reference_id":"RHSA-2017:2338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2778","reference_id":"RHSA-2017:2778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2789","reference_id":"RHSA-2017:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2789"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4435?format=json","purl":"pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9"}],"aliases":["CVE-2017-2619"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjy-amhr-z3d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100671?format=json","vulnerability_id":"VCID-yt92-mfwy-z7er","summary":"The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the \"client ldap sasl wrapping\" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2112","reference_id":"","reference_type":"","scores":[{"value":"0.16609","scoring_system":"epss","scoring_elements":"0.95043","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311903","reference_id":"1311903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311903"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0611","reference_id":"RHSA-2016:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0612","reference_id":"RHSA-2016:0612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0613","reference_id":"RHSA-2016:0613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0614","reference_id":"RHSA-2016:0614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0618","reference_id":"RHSA-2016:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0619","reference_id":"RHSA-2016:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0620","reference_id":"RHSA-2016:0620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0620"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0624","reference_id":"RHSA-2016:0624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0624"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4432?format=json","purl":"pkg:deb/debian/samba@2:4.1.11%2Bdfsg-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-xvjy-amhr-z3d8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.1.11%252Bdfsg-1~bpo70%252B1"}],"aliases":["CVE-2016-2112"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt92-mfwy-z7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100662?format=json","vulnerability_id":"VCID-zfyb-9wrs-eyfx","summary":"Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5296","reference_id":"","reference_type":"","scores":[{"value":"0.03652","scoring_system":"epss","scoring_elements":"0.88073","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290292","reference_id":"1290292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1290292"},{"reference_url":"https://security.gentoo.org/glsa/201612-47","reference_id":"GLSA-201612-47","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0006","reference_id":"RHSA-2016:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0010","reference_id":"RHSA-2016:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0011","reference_id":"RHSA-2016:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0015","reference_id":"RHSA-2016:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0016","reference_id":"RHSA-2016:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0016"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4431?format=json","purl":"pkg:deb/debian/samba@2:3.6.6-6%2Bdeb7u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1yzz-fu2r-rqgy"},{"vulnerability":"VCID-26vq-jj49-byez"},{"vulnerability":"VCID-35qh-y7xf-nkdn"},{"vulnerability":"VCID-3ddh-cm8f-nuf2"},{"vulnerability":"VCID-5tub-1spq-b7c7"},{"vulnerability":"VCID-688u-s2a3-8fha"},{"vulnerability":"VCID-8tyg-f73c-zuh3"},{"vulnerability":"VCID-8ztz-2n8a-gqbm"},{"vulnerability":"VCID-92g2-se8k-ybh5"},{"vulnerability":"VCID-94d3-5rgf-x3dh"},{"vulnerability":"VCID-apjj-ezss-a3hj"},{"vulnerability":"VCID-b9y4-s6nz-kkby"},{"vulnerability":"VCID-c99r-m2v5-zqa3"},{"vulnerability":"VCID-dtxj-7cam-x3g9"},{"vulnerability":"VCID-dzyk-akhc-t7d2"},{"vulnerability":"VCID-eaxm-5jgj-eqcg"},{"vulnerability":"VCID-egeg-4ds7-d3d1"},{"vulnerability":"VCID-enbr-g8ae-ubbc"},{"vulnerability":"VCID-jmm9-r3u7-zufe"},{"vulnerability":"VCID-jnby-fw2x-xyf4"},{"vulnerability":"VCID-kwqt-87ga-1bbn"},{"vulnerability":"VCID-m364-w7f6-aug7"},{"vulnerability":"VCID-m8f3-3jf6-2bdy"},{"vulnerability":"VCID-mxk6-6rwy-hfa3"},{"vulnerability":"VCID-n6xc-pvqq-9bgs"},{"vulnerability":"VCID-njb3-9hmh-s3cg"},{"vulnerability":"VCID-p4mk-1t9q-sbb3"},{"vulnerability":"VCID-qn5w-t24w-xye5"},{"vulnerability":"VCID-r7zv-4yyc-mqeu"},{"vulnerability":"VCID-sg5x-7v6b-ffgk"},{"vulnerability":"VCID-ssh4-ukvg-5fej"},{"vulnerability":"VCID-uwmy-xe5s-yubn"},{"vulnerability":"VCID-vedj-x1yz-3uec"},{"vulnerability":"VCID-vtne-we7s-tuet"},{"vulnerability":"VCID-xvjy-amhr-z3d8"},{"vulnerability":"VCID-yt92-mfwy-z7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:3.6.6-6%252Bdeb7u7"}],"aliases":["CVE-2015-5296"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyb-9wrs-eyfx"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2.2.3a-15"}