Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
Typeapk
Namespacealpine
Namesamba
Version4.11.5-r0
Qualifiers
arch riscv64
distroversion v3.22
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.12.2-r0
Latest_non_vulnerable_version4.21.9-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2f2r-y1tw-pyeq
vulnerability_id VCID-2f2r-y1tw-pyeq
summary All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14907
reference_id
reference_type
scores
0
value 0.10242
scoring_system epss
scoring_elements 0.93286
published_at 2026-06-04T12:55:00Z
1
value 0.10242
scoring_system epss
scoring_elements 0.93298
published_at 2026-06-06T12:55:00Z
2
value 0.10242
scoring_system epss
scoring_elements 0.93302
published_at 2026-06-09T12:55:00Z
3
value 0.10242
scoring_system epss
scoring_elements 0.93296
published_at 2026-06-07T12:55:00Z
4
value 0.10242
scoring_system epss
scoring_elements 0.93294
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14907
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1791207
reference_id 1791207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1791207
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
6
reference_url https://access.redhat.com/errata/RHSA-2020:0943
reference_id RHSA-2020:0943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0943
7
reference_url https://access.redhat.com/errata/RHSA-2020:1878
reference_id RHSA-2020:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1878
8
reference_url https://access.redhat.com/errata/RHSA-2020:3981
reference_id RHSA-2020:3981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3981
9
reference_url https://usn.ubuntu.com/4244-1/
reference_id USN-4244-1
reference_type
scores
url https://usn.ubuntu.com/4244-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=main
aliases CVE-2019-14907
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2r-y1tw-pyeq
1
url VCID-rsz9-y661-qfce
vulnerability_id VCID-rsz9-y661-qfce
summary There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19344
reference_id
reference_type
scores
0
value 0.02193
scoring_system epss
scoring_elements 0.84704
published_at 2026-06-04T12:55:00Z
1
value 0.02193
scoring_system epss
scoring_elements 0.84728
published_at 2026-06-09T12:55:00Z
2
value 0.02193
scoring_system epss
scoring_elements 0.84714
published_at 2026-06-08T12:55:00Z
3
value 0.02193
scoring_system epss
scoring_elements 0.84732
published_at 2026-06-06T12:55:00Z
4
value 0.02193
scoring_system epss
scoring_elements 0.84726
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19344
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1791204
reference_id 1791204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1791204
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499
reference_id 950499
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499
6
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
7
reference_url https://usn.ubuntu.com/4244-1/
reference_id USN-4244-1
reference_type
scores
url https://usn.ubuntu.com/4244-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=main
aliases CVE-2019-19344
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce
2
url VCID-u4fr-s35u-8khu
vulnerability_id VCID-u4fr-s35u-8khu
summary There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14902
reference_id
reference_type
scores
0
value 0.03503
scoring_system epss
scoring_elements 0.87826
published_at 2026-06-04T12:55:00Z
1
value 0.03503
scoring_system epss
scoring_elements 0.87848
published_at 2026-06-05T12:55:00Z
2
value 0.03503
scoring_system epss
scoring_elements 0.87864
published_at 2026-06-09T12:55:00Z
3
value 0.03503
scoring_system epss
scoring_elements 0.8785
published_at 2026-06-07T12:55:00Z
4
value 0.03503
scoring_system epss
scoring_elements 0.87852
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14902
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1791201
reference_id 1791201
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1791201
5
reference_url https://security.gentoo.org/glsa/202003-52
reference_id GLSA-202003-52
reference_type
scores
url https://security.gentoo.org/glsa/202003-52
6
reference_url https://usn.ubuntu.com/4244-1/
reference_id USN-4244-1
reference_type
scores
url https://usn.ubuntu.com/4244-1/
fixed_packages
0
url pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
purl pkg:apk/alpine/samba@4.11.5-r0?arch=riscv64&distroversion=v3.22&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=main
aliases CVE-2019-14902
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/samba@4.11.5-r0%3Farch=riscv64&distroversion=v3.22&reponame=main