Package Instance

reference_id

119678

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2046146
reference_id	2046146
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2046146

reference_url

reference_id

AVG-2648

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_url

reference_id

cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_url

https://www.samba.org/samba/security/CVE-2021-44142.html

reference_id

CVE-2021-44142.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://www.samba.org/samba/security/CVE-2021-44142.html

reference_url

reference_id

GLSA-202309-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2022:0328
reference_id	RHSA-2022:0328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0328

reference_url	https://access.redhat.com/errata/RHSA-2022:0329
reference_id	RHSA-2022:0329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0329

reference_url	https://access.redhat.com/errata/RHSA-2022:0330
reference_id	RHSA-2022:0330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0330

reference_url	https://access.redhat.com/errata/RHSA-2022:0331
reference_id	RHSA-2022:0331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0331

reference_url	https://access.redhat.com/errata/RHSA-2022:0332
reference_id	RHSA-2022:0332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0332

reference_url	https://access.redhat.com/errata/RHSA-2022:0457
reference_id	RHSA-2022:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0457

reference_url	https://access.redhat.com/errata/RHSA-2022:0458
reference_id	RHSA-2022:0458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0458

reference_url	https://access.redhat.com/errata/RHSA-2022:0663
reference_id	RHSA-2022:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0663

reference_url	https://access.redhat.com/errata/RHSA-2022:0664
reference_id	RHSA-2022:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0664

reference_url

reference_id

show_bug.cgi?id=14914

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json

reference_url	https://usn.ubuntu.com/5260-1/
reference_id	USN-5260-1
reference_type
scores
url	https://usn.ubuntu.com/5260-1/

reference_url	https://usn.ubuntu.com/5260-2/
reference_id	USN-5260-2
reference_type
scores
url	https://usn.ubuntu.com/5260-2/

reference_url	https://usn.ubuntu.com/5260-3/
reference_id	USN-5260-3
reference_type
scores
url	https://usn.ubuntu.com/5260-3/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-44142

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy

url VCID-2f2r-y1tw-pyeq

vulnerability_id VCID-2f2r-y1tw-pyeq

summary All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14907.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14907

reference_id

reference_type

scores

value	0.10242
scoring_system	epss
scoring_elements	0.93286
published_at	2026-06-04T12:55:00Z

value	0.10242
scoring_system	epss
scoring_elements	0.93298
published_at	2026-06-06T12:55:00Z

value	0.10242
scoring_system	epss
scoring_elements	0.93302
published_at	2026-06-09T12:55:00Z

value	0.10242
scoring_system	epss
scoring_elements	0.93296
published_at	2026-06-07T12:55:00Z

value	0.10242
scoring_system	epss
scoring_elements	0.93294
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791207
reference_id	1791207
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791207

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://access.redhat.com/errata/RHSA-2020:0943
reference_id	RHSA-2020:0943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0943

reference_url	https://access.redhat.com/errata/RHSA-2020:1878
reference_id	RHSA-2020:1878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1878

reference_url	https://access.redhat.com/errata/RHSA-2020:3981
reference_id	RHSA-2020:3981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3981

reference_url	https://usn.ubuntu.com/4244-1/
reference_id	USN-4244-1
reference_type
scores
url	https://usn.ubuntu.com/4244-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14907

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2r-y1tw-pyeq

url VCID-5e5h-6dg4-ryd4

vulnerability_id VCID-5e5h-6dg4-ryd4

summary samba: infinite loop in mdssvc RPC service for spotlight

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34966

reference_id

reference_type

scores

value	0.1431
scoring_system	epss
scoring_elements	0.94538
published_at	2026-06-05T12:55:00Z

value	0.1431
scoring_system	epss
scoring_elements	0.9454
published_at	2026-06-06T12:55:00Z

value	0.1431
scoring_system	epss
scoring_elements	0.94542
published_at	2026-06-08T12:55:00Z

value	0.1431
scoring_system	epss
scoring_elements	0.94547
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2222793
reference_id	2222793
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2222793

reference_url	https://security.gentoo.org/glsa/202402-28
reference_id	GLSA-202402-28
reference_type
scores
url	https://security.gentoo.org/glsa/202402-28

reference_url	https://access.redhat.com/errata/RHSA-2023:6667
reference_id	RHSA-2023:6667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6667

reference_url	https://access.redhat.com/errata/RHSA-2023:7139
reference_id	RHSA-2023:7139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7139

reference_url	https://access.redhat.com/errata/RHSA-2024:0423
reference_id	RHSA-2024:0423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0423

reference_url	https://access.redhat.com/errata/RHSA-2024:0580
reference_id	RHSA-2024:0580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0580

reference_url	https://access.redhat.com/errata/RHSA-2024:4101
reference_id	RHSA-2024:4101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4101

reference_url	https://usn.ubuntu.com/6238-1/
reference_id	USN-6238-1
reference_type
scores
url	https://usn.ubuntu.com/6238-1/

reference_url	https://usn.ubuntu.com/7582-1/
reference_id	USN-7582-1
reference_type
scores
url	https://usn.ubuntu.com/7582-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2023-34966

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5e5h-6dg4-ryd4

url VCID-5tub-1spq-b7c7

vulnerability_id VCID-5tub-1spq-b7c7

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25719.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25719

reference_id

reference_type

scores

value	0.00213
scoring_system	epss
scoring_elements	0.43839
published_at	2026-06-04T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43868
published_at	2026-06-09T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43892
published_at	2026-06-07T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43857
published_at	2026-06-08T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43909
published_at	2026-06-05T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43917
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019732
reference_id	2019732
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019732

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2021:5142
reference_id	RHSA-2021:5142
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5142

reference_url	https://access.redhat.com/errata/RHSA-2021:5195
reference_id	RHSA-2021:5195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5195

reference_url	https://access.redhat.com/errata/RHSA-2022:0007
reference_id	RHSA-2022:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0007

reference_url	https://access.redhat.com/errata/RHSA-2022:0076
reference_id	RHSA-2022:0076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0076

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25719

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tub-1spq-b7c7

url VCID-76dk-atu1-ebbm

vulnerability_id VCID-76dk-atu1-ebbm

summary All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for this attack to succeed.

references

reference_url

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43566.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43566

reference_id

reference_type

scores

value	0.00361
scoring_system	epss
scoring_elements	0.5852
published_at	2026-06-04T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58568
published_at	2026-06-05T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58555
published_at	2026-06-08T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58577
published_at	2026-06-06T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58569
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43566

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43566
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43566

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691
reference_id	1004691
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004691

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2009676
reference_id	2009676
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2009676

reference_url	https://usn.ubuntu.com/5260-1/
reference_id	USN-5260-1
reference_type
scores
url	https://usn.ubuntu.com/5260-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-43566

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-76dk-atu1-ebbm

url VCID-7q6r-9cgn-5kfp

vulnerability_id VCID-7q6r-9cgn-5kfp

summary A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14318.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14318

reference_id

reference_type

scores

value	0.00157
scoring_system	epss
scoring_elements	0.36232
published_at	2026-06-04T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36273
published_at	2026-06-09T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36327
published_at	2026-06-05T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36336
published_at	2026-06-06T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36297
published_at	2026-06-07T12:55:00Z

value	0.00157
scoring_system	epss
scoring_elements	0.36261
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1892631

reference_id

1892631

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1892631

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400
reference_id	973400
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973400

reference_url

https://www.samba.org/samba/security/CVE-2020-14318.html

reference_id

CVE-2020-14318.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://www.samba.org/samba/security/CVE-2020-14318.html

reference_url

reference_id

GLSA-202012-24

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T14:56:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2020:5439
reference_id	RHSA-2020:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5439

reference_url	https://access.redhat.com/errata/RHSA-2021:1647
reference_id	RHSA-2021:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1647

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-14318

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6r-9cgn-5kfp

url VCID-8yhb-ghew-b3bw

vulnerability_id VCID-8yhb-ghew-b3bw

summary samba: spotlight server-side share path disclosure

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34968.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34968

reference_id

reference_type

scores

value	0.02345
scoring_system	epss
scoring_elements	0.85198
published_at	2026-06-05T12:55:00Z

value	0.02345
scoring_system	epss
scoring_elements	0.85203
published_at	2026-06-06T12:55:00Z

value	0.02345
scoring_system	epss
scoring_elements	0.85199
published_at	2026-06-09T12:55:00Z

value	0.02345
scoring_system	epss
scoring_elements	0.85197
published_at	2026-06-07T12:55:00Z

value	0.02345
scoring_system	epss
scoring_elements	0.85186
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2222795
reference_id	2222795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2222795

reference_url	https://security.gentoo.org/glsa/202402-28
reference_id	GLSA-202402-28
reference_type
scores
url	https://security.gentoo.org/glsa/202402-28

reference_url	https://access.redhat.com/errata/RHSA-2023:6667
reference_id	RHSA-2023:6667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6667

reference_url	https://access.redhat.com/errata/RHSA-2023:7139
reference_id	RHSA-2023:7139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7139

reference_url	https://access.redhat.com/errata/RHSA-2024:0423
reference_id	RHSA-2024:0423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0423

reference_url	https://access.redhat.com/errata/RHSA-2024:0580
reference_id	RHSA-2024:0580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0580

reference_url	https://usn.ubuntu.com/6238-1/
reference_id	USN-6238-1
reference_type
scores
url	https://usn.ubuntu.com/6238-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2023-34968

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yhb-ghew-b3bw

url VCID-8ztz-2n8a-gqbm

vulnerability_id VCID-8ztz-2n8a-gqbm

summary denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10730.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10730

reference_id

reference_type

scores

value	0.03789
scoring_system	epss
scoring_elements	0.88279
published_at	2026-06-04T12:55:00Z

value	0.03789
scoring_system	epss
scoring_elements	0.88317
published_at	2026-06-09T12:55:00Z

value	0.03789
scoring_system	epss
scoring_elements	0.88301
published_at	2026-06-08T12:55:00Z

value	0.03789
scoring_system	epss
scoring_elements	0.883
published_at	2026-06-07T12:55:00Z

value	0.03789
scoring_system	epss
scoring_elements	0.88298
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849489
reference_id	1849489
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849489

reference_url

reference_id

AVG-1202

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://access.redhat.com/errata/RHSA-2020:3118
reference_id	RHSA-2020:3118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3118

reference_url	https://access.redhat.com/errata/RHSA-2020:3119
reference_id	RHSA-2020:3119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3119

reference_url	https://access.redhat.com/errata/RHSA-2020:4568
reference_id	RHSA-2020:4568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4568

reference_url	https://usn.ubuntu.com/4409-1/
reference_id	USN-4409-1
reference_type
scores
url	https://usn.ubuntu.com/4409-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-10730

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ztz-2n8a-gqbm

url VCID-95dq-xd5m-judz

vulnerability_id VCID-95dq-xd5m-judz

summary A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.

references

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20254.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20254

reference_id

reference_type

scores

value	0.01764
scoring_system	epss
scoring_elements	0.82989
published_at	2026-06-07T12:55:00Z

value	0.01764
scoring_system	epss
scoring_elements	0.82981
published_at	2026-06-08T12:55:00Z

value	0.01764
scoring_system	epss
scoring_elements	0.82966
published_at	2026-06-04T12:55:00Z

value	0.01764
scoring_system	epss
scoring_elements	0.82993
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20254

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1949442
reference_id	1949442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1949442

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811
reference_id	987811
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811

reference_url

https://security.archlinux.org/AVG-1893

reference_id

AVG-1893

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1893

reference_url	https://security.gentoo.org/glsa/202105-22
reference_id	GLSA-202105-22
reference_type
scores
url	https://security.gentoo.org/glsa/202105-22

reference_url	https://access.redhat.com/errata/RHSA-2021:2313
reference_id	RHSA-2021:2313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2313

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url	https://access.redhat.com/errata/RHSA-2021:3724
reference_id	RHSA-2021:3724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3724

reference_url	https://access.redhat.com/errata/RHSA-2021:3988
reference_id	RHSA-2021:3988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3988

reference_url	https://access.redhat.com/errata/RHSA-2021:4058
reference_id	RHSA-2021:4058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4058

reference_url	https://access.redhat.com/errata/RHSA-2021:4866
reference_id	RHSA-2021:4866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4866

reference_url	https://usn.ubuntu.com/4930-1/
reference_id	USN-4930-1
reference_type
scores
url	https://usn.ubuntu.com/4930-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-20254

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95dq-xd5m-judz

url VCID-9bk5-pgap-1khn

vulnerability_id VCID-9bk5-pgap-1khn

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32744

reference_id

reference_type

scores

value	0.00516
scoring_system	epss
scoring_elements	0.67016
published_at	2026-06-04T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.67034
published_at	2026-06-08T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.67066
published_at	2026-06-06T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.6705
published_at	2026-06-09T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.67057
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
reference_id	1016449
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108205
reference_id	2108205
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108205

reference_url

reference_id

AVG-2782

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5542-1/
reference_id	USN-5542-1
reference_type
scores
url	https://usn.ubuntu.com/5542-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-32744

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9bk5-pgap-1khn

url VCID-aza7-wkqb-m7h1

vulnerability_id VCID-aza7-wkqb-m7h1

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32746.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32746

reference_id

reference_type

scores

value	0.00368
scoring_system	epss
scoring_elements	0.58992
published_at	2026-06-04T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.59021
published_at	2026-06-08T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.59045
published_at	2026-06-06T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.59037
published_at	2026-06-09T12:55:00Z

value	0.00368
scoring_system	epss
scoring_elements	0.5904
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
reference_id	1016449
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108215
reference_id	2108215
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108215

reference_url

reference_id

AVG-2782

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2022:7730
reference_id	RHSA-2022:7730
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7730

reference_url	https://access.redhat.com/errata/RHSA-2022:8318
reference_id	RHSA-2022:8318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8318

reference_url	https://usn.ubuntu.com/5542-1/
reference_id	USN-5542-1
reference_type
scores
url	https://usn.ubuntu.com/5542-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-32746

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aza7-wkqb-m7h1

url VCID-b843-h976-aqhr

vulnerability_id VCID-b843-h976-aqhr

summary A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3671.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3671

reference_id

reference_type

scores

value	0.05139
scoring_system	epss
scoring_elements	0.90036
published_at	2026-06-04T12:55:00Z

value	0.05139
scoring_system	epss
scoring_elements	0.90062
published_at	2026-06-09T12:55:00Z

value	0.05139
scoring_system	epss
scoring_elements	0.90048
published_at	2026-06-07T12:55:00Z

value	0.05139
scoring_system	epss
scoring_elements	0.90047
published_at	2026-06-08T12:55:00Z

value	0.05139
scoring_system	epss
scoring_elements	0.90051
published_at	2026-06-05T12:55:00Z

value	0.05139
scoring_system	epss
scoring_elements	0.9005
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3671

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2013080
reference_id	2013080
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2013080

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586
reference_id	996586
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996586

reference_url

https://security.archlinux.org/AVG-2418

reference_id

AVG-2418

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2418

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

reference_url	https://usn.ubuntu.com/5174-1/
reference_id	USN-5174-1
reference_type
scores
url	https://usn.ubuntu.com/5174-1/

reference_url	https://usn.ubuntu.com/5675-1/
reference_id	USN-5675-1
reference_type
scores
url	https://usn.ubuntu.com/5675-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-3671

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b843-h976-aqhr

url VCID-bykg-wucu-duay

vulnerability_id VCID-bykg-wucu-duay

summary A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it vulnerable to dictionary attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14833.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14833

reference_id

reference_type

scores

value	0.01267
scoring_system	epss
scoring_elements	0.79803
published_at	2026-06-04T12:55:00Z

value	0.01267
scoring_system	epss
scoring_elements	0.79837
published_at	2026-06-09T12:55:00Z

value	0.01267
scoring_system	epss
scoring_elements	0.79829
published_at	2026-06-07T12:55:00Z

value	0.01267
scoring_system	epss
scoring_elements	0.79818
published_at	2026-06-08T12:55:00Z

value	0.01267
scoring_system	epss
scoring_elements	0.79828
published_at	2026-06-05T12:55:00Z

value	0.01267
scoring_system	epss
scoring_elements	0.79834
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764126
reference_id	1764126
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764126

reference_url	https://security.archlinux.org/ASA-201911-6
reference_id	ASA-201911-6
reference_type
scores
url	https://security.archlinux.org/ASA-201911-6

reference_url

reference_id

AVG-1057

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json

reference_url	https://usn.ubuntu.com/4167-1/
reference_id	USN-4167-1
reference_type
scores
url	https://usn.ubuntu.com/4167-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14833

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bykg-wucu-duay

url VCID-d4jx-h2cx-kbf3

vulnerability_id VCID-d4jx-h2cx-kbf3

summary A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.

references

reference_url

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14847.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14847

reference_id

reference_type

scores

value	0.02434
scoring_system	epss
scoring_elements	0.85437
published_at	2026-06-04T12:55:00Z

value	0.02434
scoring_system	epss
scoring_elements	0.85446
published_at	2026-06-08T12:55:00Z

value	0.02434
scoring_system	epss
scoring_elements	0.85465
published_at	2026-06-06T12:55:00Z

value	0.02434
scoring_system	epss
scoring_elements	0.8546
published_at	2026-06-07T12:55:00Z

value	0.02434
scoring_system	epss
scoring_elements	0.85461
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764142
reference_id	1764142
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764142

reference_url	https://security.archlinux.org/ASA-201911-6
reference_id	ASA-201911-6
reference_type
scores
url	https://security.archlinux.org/ASA-201911-6

reference_url

reference_id

AVG-1057

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json

reference_url	https://usn.ubuntu.com/4167-1/
reference_id	USN-4167-1
reference_type
scores
url	https://usn.ubuntu.com/4167-1/

reference_url	https://usn.ubuntu.com/4167-2/
reference_id	USN-4167-2
reference_type
scores
url	https://usn.ubuntu.com/4167-2/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14847

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4jx-h2cx-kbf3

url VCID-dzyk-akhc-t7d2

vulnerability_id VCID-dzyk-akhc-t7d2

summary silent downgrade

references

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2124.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2124

reference_id

reference_type

scores

value	0.00699
scoring_system	epss
scoring_elements	0.72361
published_at	2026-06-04T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.72399
published_at	2026-06-09T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.72408
published_at	2026-06-06T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.72388
published_at	2026-06-07T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.72374
published_at	2026-06-08T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.72402
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:N/C:P/I:N/A:N

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019660
reference_id	2019660
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019660

reference_url

https://security.archlinux.org/AVG-2539

reference_id

AVG-2539

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2539

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2021:4843
reference_id	RHSA-2021:4843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4843

reference_url	https://access.redhat.com/errata/RHSA-2021:4844
reference_id	RHSA-2021:4844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4844

reference_url	https://access.redhat.com/errata/RHSA-2021:5082
reference_id	RHSA-2021:5082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5082

reference_url	https://access.redhat.com/errata/RHSA-2021:5192
reference_id	RHSA-2021:5192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5192

reference_url	https://access.redhat.com/errata/RHSA-2022:0008
reference_id	RHSA-2022:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0008

reference_url	https://access.redhat.com/errata/RHSA-2022:0074
reference_id	RHSA-2022:0074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0074

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

reference_url	https://usn.ubuntu.com/5174-1/
reference_id	USN-5174-1
reference_type
scores
url	https://usn.ubuntu.com/5174-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2016-2124

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzyk-akhc-t7d2

url VCID-f93g-v8t6-wyf3

vulnerability_id VCID-f93g-v8t6-wyf3

summary samba: type confusion in mdssvc RPC service for spotlight

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34967.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-34967

reference_id

reference_type

scores

value	0.19204
scoring_system	epss
scoring_elements	0.95485
published_at	2026-06-05T12:55:00Z

value	0.19204
scoring_system	epss
scoring_elements	0.95488
published_at	2026-06-06T12:55:00Z

value	0.19204
scoring_system	epss
scoring_elements	0.9549
published_at	2026-06-08T12:55:00Z

value	0.19204
scoring_system	epss
scoring_elements	0.95494
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2222794
reference_id	2222794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2222794

reference_url	https://security.gentoo.org/glsa/202402-28
reference_id	GLSA-202402-28
reference_type
scores
url	https://security.gentoo.org/glsa/202402-28

reference_url	https://access.redhat.com/errata/RHSA-2023:6667
reference_id	RHSA-2023:6667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6667

reference_url	https://access.redhat.com/errata/RHSA-2023:7139
reference_id	RHSA-2023:7139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7139

reference_url	https://access.redhat.com/errata/RHSA-2024:0423
reference_id	RHSA-2024:0423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0423

reference_url	https://access.redhat.com/errata/RHSA-2024:0580
reference_id	RHSA-2024:0580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0580

reference_url	https://usn.ubuntu.com/6238-1/
reference_id	USN-6238-1
reference_type
scores
url	https://usn.ubuntu.com/6238-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2023-34967

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f93g-v8t6-wyf3

url VCID-gg9p-kzw8-23bq

vulnerability_id VCID-gg9p-kzw8-23bq

summary A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10218.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10218

reference_id

reference_type

scores

value	0.04508
scoring_system	epss
scoring_elements	0.89325
published_at	2026-06-04T12:55:00Z

value	0.04508
scoring_system	epss
scoring_elements	0.89361
published_at	2026-06-09T12:55:00Z

value	0.04508
scoring_system	epss
scoring_elements	0.89345
published_at	2026-06-06T12:55:00Z

value	0.04508
scoring_system	epss
scoring_elements	0.89344
published_at	2026-06-08T12:55:00Z

value	0.04508
scoring_system	epss
scoring_elements	0.89343
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10218

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1763137
reference_id	1763137
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1763137

reference_url	https://security.archlinux.org/ASA-201911-6
reference_id	ASA-201911-6
reference_type
scores
url	https://security.archlinux.org/ASA-201911-6

reference_url

reference_id

AVG-1057

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json

reference_url	https://access.redhat.com/errata/RHSA-2020:0943
reference_id	RHSA-2020:0943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0943

reference_url	https://access.redhat.com/errata/RHSA-2020:1084
reference_id	RHSA-2020:1084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1084

reference_url	https://access.redhat.com/errata/RHSA-2020:1878
reference_id	RHSA-2020:1878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1878

reference_url	https://usn.ubuntu.com/4167-1/
reference_id	USN-4167-1
reference_type
scores
url	https://usn.ubuntu.com/4167-1/

reference_url	https://usn.ubuntu.com/4167-2/
reference_id	USN-4167-2
reference_type
scores
url	https://usn.ubuntu.com/4167-2/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-10218

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9p-kzw8-23bq

url VCID-hkb3-h17f-bbfc

vulnerability_id VCID-hkb3-h17f-bbfc

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32745

reference_id

reference_type

scores

value	0.00461
scoring_system	epss
scoring_elements	0.6449
published_at	2026-06-04T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.6454
published_at	2026-06-09T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64531
published_at	2026-06-07T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64521
published_at	2026-06-08T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64534
published_at	2026-06-05T12:55:00Z

value	0.00461
scoring_system	epss
scoring_elements	0.64543
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
reference_id	1016449
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108211
reference_id	2108211
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108211

reference_url

reference_id

AVG-2782

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5542-1/
reference_id	USN-5542-1
reference_type
scores
url	https://usn.ubuntu.com/5542-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-32745

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkb3-h17f-bbfc

url VCID-ksss-h1p9-mbaz

vulnerability_id VCID-ksss-h1p9-mbaz

summary A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10700.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10700

reference_id

reference_type

scores

value	0.02857
scoring_system	epss
scoring_elements	0.86515
published_at	2026-06-04T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.86538
published_at	2026-06-06T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.86535
published_at	2026-06-09T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.86533
published_at	2026-06-07T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.86522
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1825731
reference_id	1825731
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1825731

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189
reference_id	960189
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960189

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://usn.ubuntu.com/4341-1/
reference_id	USN-4341-1
reference_type
scores
url	https://usn.ubuntu.com/4341-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-10700

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ksss-h1p9-mbaz

url VCID-kwqt-87ga-1bbn

vulnerability_id VCID-kwqt-87ga-1bbn

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25722.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25722

reference_id

reference_type

scores

value	0.00411
scoring_system	epss
scoring_elements	0.61724
published_at	2026-06-04T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61772
published_at	2026-06-09T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.6177
published_at	2026-06-07T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61755
published_at	2026-06-08T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61773
published_at	2026-06-05T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61781
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019764
reference_id	2019764
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019764

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

reference_url	https://usn.ubuntu.com/5174-1/
reference_id	USN-5174-1
reference_type
scores
url	https://usn.ubuntu.com/5174-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25722

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwqt-87ga-1bbn

url VCID-m1qp-m1d3-nbgw

vulnerability_id VCID-m1qp-m1d3-nbgw

summary A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

references

reference_url

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14323.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14323

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.62404
published_at	2026-06-09T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6236
published_at	2026-06-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62406
published_at	2026-06-05T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62414
published_at	2026-06-06T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62405
published_at	2026-06-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6239
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14323

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1891685

reference_id

1891685

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1891685

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399
reference_id	973399
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973399

reference_url

https://www.samba.org/samba/security/CVE-2020-14323.html

reference_id

CVE-2020-14323.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://www.samba.org/samba/security/CVE-2020-14323.html

reference_url

reference_id

GLSA-202012-24

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/

reference_url

reference_id

JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE2M4FE3N3EDXVG4UKSVFPL7SQUGFFDP/

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00008.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html

reference_id

msg00012.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00012.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_id

msg00041.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_url

https://security.netapp.com/advisory/ntap-20201103-0001/

reference_id

ntap-20201103-0001

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://security.netapp.com/advisory/ntap-20201103-0001/

reference_url	https://access.redhat.com/errata/RHSA-2020:5439
reference_id	RHSA-2020:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5439

reference_url	https://access.redhat.com/errata/RHSA-2021:1647
reference_id	RHSA-2021:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1647

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/

reference_id

W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:46:57Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6HM73N4NEGFW5GIJJGGP6ZZBS6GTXPB/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-14323

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1qp-m1d3-nbgw

url VCID-m8f3-3jf6-2bdy

vulnerability_id VCID-m8f3-3jf6-2bdy

summary denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10760.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10760

reference_id

reference_type

scores

value	0.02353
scoring_system	epss
scoring_elements	0.85198
published_at	2026-06-04T12:55:00Z

value	0.02353
scoring_system	epss
scoring_elements	0.85224
published_at	2026-06-09T12:55:00Z

value	0.02353
scoring_system	epss
scoring_elements	0.85222
published_at	2026-06-07T12:55:00Z

value	0.02353
scoring_system	epss
scoring_elements	0.85211
published_at	2026-06-08T12:55:00Z

value	0.02353
scoring_system	epss
scoring_elements	0.85223
published_at	2026-06-05T12:55:00Z

value	0.02353
scoring_system	epss
scoring_elements	0.85228
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10760

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849509
reference_id	1849509
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849509

reference_url

reference_id

AVG-1202

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://usn.ubuntu.com/4409-1/
reference_id	USN-4409-1
reference_type
scores
url	https://usn.ubuntu.com/4409-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-10760

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f3-3jf6-2bdy

url VCID-mxk6-6rwy-hfa3

vulnerability_id VCID-mxk6-6rwy-hfa3

summary denial of service

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14303

reference_id

reference_type

scores

value	0.26364
scoring_system	epss
scoring_elements	0.96413
published_at	2026-06-04T12:55:00Z

value	0.26364
scoring_system	epss
scoring_elements	0.96428
published_at	2026-06-09T12:55:00Z

value	0.26364
scoring_system	epss
scoring_elements	0.96421
published_at	2026-06-06T12:55:00Z

value	0.26364
scoring_system	epss
scoring_elements	0.96422
published_at	2026-06-08T12:55:00Z

value	0.26364
scoring_system	epss
scoring_elements	0.96418
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14303

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1851298
reference_id	1851298
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1851298

reference_url

reference_id

AVG-1202

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://usn.ubuntu.com/4454-1/
reference_id	USN-4454-1
reference_type
scores
url	https://usn.ubuntu.com/4454-1/

reference_url	https://usn.ubuntu.com/4454-2/
reference_id	USN-4454-2
reference_type
scores
url	https://usn.ubuntu.com/4454-2/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-14303

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxk6-6rwy-hfa3

url VCID-np9m-wq3n-j7cq

vulnerability_id VCID-np9m-wq3n-j7cq

summary

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3437.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3437

reference_id

reference_type

scores

value	0.00727
scoring_system	epss
scoring_elements	0.73031
published_at	2026-06-06T12:55:00Z

value	0.00727
scoring_system	epss
scoring_elements	0.72987
published_at	2026-06-04T12:55:00Z

value	0.00727
scoring_system	epss
scoring_elements	0.73002
published_at	2026-06-08T12:55:00Z

value	0.00727
scoring_system	epss
scoring_elements	0.73014
published_at	2026-06-07T12:55:00Z

value	0.00727
scoring_system	epss
scoring_elements	0.73025
published_at	2026-06-05T12:55:00Z

value	0.00727
scoring_system	epss
scoring_elements	0.73026
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.openwall.com/lists/oss-security/2023/02/08/1

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

http://www.openwall.com/lists/oss-security/2023/02/08/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id	1024187
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2137774

reference_id

2137774

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2137774

reference_url

https://security.archlinux.org/AVG-2828

reference_id

AVG-2828

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2828

reference_url

https://access.redhat.com/security/cve/CVE-2022-3437

reference_id

CVE-2022-3437

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://access.redhat.com/security/cve/CVE-2022-3437

reference_url

https://www.samba.org/samba/security/CVE-2022-3437.html

reference_id

CVE-2022-3437.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://www.samba.org/samba/security/CVE-2022-3437.html

reference_url

reference_id

GLSA-202309-06

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://security.gentoo.org/glsa/202310-06

reference_url

reference_id

GLSA-202310-06

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://security.gentoo.org/glsa/202310-06

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

https://security.netapp.com/advisory/ntap-20230216-0008/

reference_id

ntap-20230216-0008

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:53:20Z/

url

https://security.netapp.com/advisory/ntap-20230216-0008/

reference_url	https://usn.ubuntu.com/5800-1/
reference_id	USN-5800-1
reference_type
scores
url	https://usn.ubuntu.com/5800-1/

reference_url	https://usn.ubuntu.com/5822-1/
reference_id	USN-5822-1
reference_type
scores
url	https://usn.ubuntu.com/5822-1/

reference_url	https://usn.ubuntu.com/5936-1/
reference_id	USN-5936-1
reference_type
scores
url	https://usn.ubuntu.com/5936-1/

reference_url	https://usn.ubuntu.com/7582-1/
reference_id	USN-7582-1
reference_type
scores
url	https://usn.ubuntu.com/7582-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-3437

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-np9m-wq3n-j7cq

url VCID-prhs-c1gk-97hj

vulnerability_id VCID-prhs-c1gk-97hj

summary An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1472.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1472

reference_id

reference_type

scores

value	0.9438
scoring_system	epss
scoring_elements	0.9997
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1472

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879822
reference_id	1879822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879822

reference_url

http://www.openwall.com/lists/oss-security/2020/09/17/2

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

http://www.openwall.com/lists/oss-security/2020/09/17/2

reference_url

https://usn.ubuntu.com/4510-1/

reference_id

4510-1

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://usn.ubuntu.com/4510-1/

reference_url

https://usn.ubuntu.com/4510-2/

reference_id

4510-2

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://usn.ubuntu.com/4510-2/

reference_url

https://usn.ubuntu.com/4559-1/

reference_id

4559-1

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://usn.ubuntu.com/4559-1/

reference_url

https://www.kb.cert.org/vuls/id/490028

reference_id

490028

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://www.kb.cert.org/vuls/id/490028

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048
reference_id	971048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971048

reference_url	https://security.archlinux.org/ASA-202009-17
reference_id	ASA-202009-17
reference_type
scores
url	https://security.archlinux.org/ASA-202009-17

reference_url

https://security.archlinux.org/AVG-1236

reference_id

AVG-1236

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1236

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1903::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_1903::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1903::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1909::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_1909::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_1909::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2004::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_2004::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2004::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_R2:::::::x64:*
reference_id	cpe:2.3:o:microsoft:windows_server_2008_R2:::::::x64:*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_R2:::::::x64:*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012_R2:::::::x64:*
reference_id	cpe:2.3:o:microsoft:windows_server_2012_R2:::::::x64:*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012_R2:::::::x64:*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:::::::x64:*
reference_id	cpe:2.3:o:microsoft:windows_server_2012:::::::x64:*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:::::::x64:*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_2016::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_2019::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_20H2::::::::
reference_id	cpe:2.3:o:microsoft:windows_server_20H2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_20H2::::::::

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py
reference_id	CVE-2020-1472
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/49071.py

reference_url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

reference_id

CVE-2020-1472

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

reference_url

reference_id

GLSA-202012-24

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/

reference_url

reference_id

H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/

reference_url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_id

msg00041.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html

reference_id

msg00080.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html

reference_id

msg00086.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html

reference_url	https://access.redhat.com/errata/RHSA-2020:5439
reference_id	RHSA-2020:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5439

reference_url	https://access.redhat.com/errata/RHSA-2021:1647
reference_id	RHSA-2021:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1647

reference_url	https://access.redhat.com/errata/RHSA-2021:3723
reference_id	RHSA-2021:3723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3723

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/

reference_id

ST6X3A2XXYMGD4INR26DQ4FP4QSM753B

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/

reference_url

https://www.synology.com/security/advisory/Synology_SA_20_21

reference_id

Synology_SA_20_21

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://www.synology.com/security/advisory/Synology_SA_20_21

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/

reference_id

TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/

reference_url

http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html

reference_id

Zerologon-Netlogon-Privilege-Escalation.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html

reference_url

http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html

reference_id

Zerologon-Proof-Of-Concept.html

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-01-30T18:45:11Z/

url

http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-1472

risk_score 10.0

exploitability 2.0

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prhs-c1gk-97hj

url VCID-pzrp-6xtn-37db

vulnerability_id VCID-pzrp-6xtn-37db

summary samba: vfs_streams_xattr uninitialized memory write possible

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9640.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-9640

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24445
published_at	2026-06-09T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24559
published_at	2026-06-05T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24549
published_at	2026-06-06T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24494
published_at	2026-06-07T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24436
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2391698

reference_id

2391698

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2391698

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-9640

reference_id

CVE-2025-9640

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/

url

https://access.redhat.com/security/cve/CVE-2025-9640

reference_url

https://www.samba.org/samba/history/security.html

reference_id

security.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:06:54Z/

url

https://www.samba.org/samba/history/security.html

reference_url	https://usn.ubuntu.com/7826-1/
reference_id	USN-7826-1
reference_type
scores
url	https://usn.ubuntu.com/7826-1/

reference_url	https://usn.ubuntu.com/7826-2/
reference_id	USN-7826-2
reference_type
scores
url	https://usn.ubuntu.com/7826-2/

fixed_packages

url	pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u2
purl	pkg:deb/debian/samba@2:4.17.12%2Bdfsg-0%2Bdeb12u2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.17.12%252Bdfsg-0%252Bdeb12u2

aliases CVE-2025-9640

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pzrp-6xtn-37db

url VCID-q5hu-u9th-33e7

vulnerability_id VCID-q5hu-u9th-33e7

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-32742

reference_id

reference_type

scores

value	0.00574
scoring_system	epss
scoring_elements	0.691
published_at	2026-06-04T12:55:00Z

value	0.00574
scoring_system	epss
scoring_elements	0.6914
published_at	2026-06-05T12:55:00Z

value	0.00574
scoring_system	epss
scoring_elements	0.69127
published_at	2026-06-08T12:55:00Z

value	0.00574
scoring_system	epss
scoring_elements	0.69143
published_at	2026-06-07T12:55:00Z

value	0.00574
scoring_system	epss
scoring_elements	0.6915
published_at	2026-06-06T12:55:00Z

value	0.00574
scoring_system	epss
scoring_elements	0.69147
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
reference_id	1016449
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108196
reference_id	2108196
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108196

reference_url

reference_id

AVG-2782

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://www.samba.org/samba/security/CVE-2022-32742.html

reference_url

reference_id

CVE-2022-32742.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/

url

https://www.samba.org/samba/security/CVE-2022-32742.html

reference_url

reference_id

GLSA-202309-06

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T19:44:06Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2022:7056
reference_id	RHSA-2022:7056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7056

reference_url	https://access.redhat.com/errata/RHSA-2022:7111
reference_id	RHSA-2022:7111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7111

reference_url	https://access.redhat.com/errata/RHSA-2022:8317
reference_id	RHSA-2022:8317
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8317

reference_url	https://usn.ubuntu.com/5542-1/
reference_id	USN-5542-1
reference_type
scores
url	https://usn.ubuntu.com/5542-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-32742

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q5hu-u9th-33e7

url VCID-qn5w-t24w-xye5

vulnerability_id VCID-qn5w-t24w-xye5

summary denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10745

reference_id

reference_type

scores

value	0.19658
scoring_system	epss
scoring_elements	0.95539
published_at	2026-06-04T12:55:00Z

value	0.19658
scoring_system	epss
scoring_elements	0.95557
published_at	2026-06-09T12:55:00Z

value	0.19658
scoring_system	epss
scoring_elements	0.95552
published_at	2026-06-07T12:55:00Z

value	0.19658
scoring_system	epss
scoring_elements	0.95553
published_at	2026-06-08T12:55:00Z

value	0.19658
scoring_system	epss
scoring_elements	0.95547
published_at	2026-06-05T12:55:00Z

value	0.19658
scoring_system	epss
scoring_elements	0.9555
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10745

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1849491
reference_id	1849491
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1849491

reference_url

reference_id

AVG-1202

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://usn.ubuntu.com/4409-1/
reference_id	USN-4409-1
reference_type
scores
url	https://usn.ubuntu.com/4409-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-10745

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qn5w-t24w-xye5

url VCID-qsns-qxxn-1ygq

vulnerability_id VCID-qsns-qxxn-1ygq

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23192.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23192

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28206
published_at	2026-06-04T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28147
published_at	2026-06-09T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28186
published_at	2026-06-07T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28143
published_at	2026-06-08T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28278
published_at	2026-06-05T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28228
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019666
reference_id	2019666
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019666

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2021:4843
reference_id	RHSA-2021:4843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4843

reference_url	https://access.redhat.com/errata/RHSA-2021:5082
reference_id	RHSA-2021:5082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5082

reference_url	https://access.redhat.com/errata/RHSA-2022:0008
reference_id	RHSA-2022:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0008

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-23192

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsns-qxxn-1ygq

url VCID-qtcs-hz4a-97fy

vulnerability_id VCID-qtcs-hz4a-97fy

summary samba: SMB clients can truncate files with read-only permissions

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4091.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4091

reference_id

reference_type

scores

value	0.00438
scoring_system	epss
scoring_elements	0.63488
published_at	2026-06-07T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63495
published_at	2026-06-09T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63476
published_at	2026-06-08T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.6349
published_at	2026-06-05T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63497
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2241882

reference_id

2241882

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2241882

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage
reference_id	cpe:/a:redhat:enterprise_linux:9::resilientstorage
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id	cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id	cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
reference_id	cpe:/a:redhat:rhel_eus:9.0::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::resilientstorage
reference_id	cpe:/a:redhat:rhel_eus:9.0::resilientstorage
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::resilientstorage

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
reference_id	cpe:/a:redhat:rhel_eus:9.2::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::resilientstorage
reference_id	cpe:/a:redhat:rhel_eus:9.2::resilientstorage
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::resilientstorage

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3
reference_id	cpe:/a:redhat:storage:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id	cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8

reference_url

https://access.redhat.com/security/cve/CVE-2023-4091

reference_id

CVE-2023-4091

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/security/cve/CVE-2023-4091

reference_url

https://www.samba.org/samba/security/CVE-2023-4091.html

reference_id

CVE-2023-4091.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://www.samba.org/samba/security/CVE-2023-4091.html

reference_url	https://security.gentoo.org/glsa/202402-28
reference_id	GLSA-202402-28
reference_type
scores
url	https://security.gentoo.org/glsa/202402-28

reference_url

https://access.redhat.com/errata/RHSA-2023:6209

reference_id

RHSA-2023:6209

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:6209

reference_url

https://access.redhat.com/errata/RHSA-2023:6744

reference_id

RHSA-2023:6744

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:6744

reference_url

https://access.redhat.com/errata/RHSA-2023:7371

reference_id

RHSA-2023:7371

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:7371

reference_url

https://access.redhat.com/errata/RHSA-2023:7408

reference_id

RHSA-2023:7408

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:7408

reference_url

https://access.redhat.com/errata/RHSA-2023:7464

reference_id

RHSA-2023:7464

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:7464

reference_url

https://access.redhat.com/errata/RHSA-2023:7467

reference_id

RHSA-2023:7467

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://access.redhat.com/errata/RHSA-2023:7467

reference_url

https://bugzilla.samba.org/show_bug.cgi?id=15439

reference_id

show_bug.cgi?id=15439

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T16:18:12Z/

url

https://bugzilla.samba.org/show_bug.cgi?id=15439

reference_url	https://usn.ubuntu.com/6425-1/
reference_id	USN-6425-1
reference_type
scores
url	https://usn.ubuntu.com/6425-1/

reference_url	https://usn.ubuntu.com/6425-3/
reference_id	USN-6425-3
reference_type
scores
url	https://usn.ubuntu.com/6425-3/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2023-4091

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcs-hz4a-97fy

url VCID-r3n1-q8uv-cfbb

vulnerability_id VCID-r3n1-q8uv-cfbb

summary All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. In AD this is implemented by a user attribute delegation_not_allowed (aka not-delegated), which translates to disallow-forwardable. However the Samba AD DC does not do that for S4U2Self and does set the forwardable flag even if the impersonated client has the not-delegated flag set.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14870.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14870

reference_id

reference_type

scores

value	0.04669
scoring_system	epss
scoring_elements	0.89506
published_at	2026-06-04T12:55:00Z

value	0.04669
scoring_system	epss
scoring_elements	0.89525
published_at	2026-06-08T12:55:00Z

value	0.04669
scoring_system	epss
scoring_elements	0.89541
published_at	2026-06-09T12:55:00Z

value	0.04669
scoring_system	epss
scoring_elements	0.89524
published_at	2026-06-06T12:55:00Z

value	0.04669
scoring_system	epss
scoring_elements	0.89523
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14870

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1778589
reference_id	1778589
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1778589

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786
reference_id	946786
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946786

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://security.gentoo.org/glsa/202310-06
reference_id	GLSA-202310-06
reference_type
scores
url	https://security.gentoo.org/glsa/202310-06

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14870

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r3n1-q8uv-cfbb

url VCID-r7zv-4yyc-mqeu

vulnerability_id VCID-r7zv-4yyc-mqeu

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25717

reference_id

reference_type

scores

value	0.00517
scoring_system	epss
scoring_elements	0.67053
published_at	2026-06-04T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67085
published_at	2026-06-09T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67087
published_at	2026-06-07T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67069
published_at	2026-06-08T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67094
published_at	2026-06-05T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67102
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019672
reference_id	2019672
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019672

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2021:4843
reference_id	RHSA-2021:4843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4843

reference_url	https://access.redhat.com/errata/RHSA-2021:4844
reference_id	RHSA-2021:4844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4844

reference_url	https://access.redhat.com/errata/RHSA-2021:5082
reference_id	RHSA-2021:5082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5082

reference_url	https://access.redhat.com/errata/RHSA-2021:5192
reference_id	RHSA-2021:5192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5192

reference_url	https://access.redhat.com/errata/RHSA-2022:0008
reference_id	RHSA-2022:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0008

reference_url	https://access.redhat.com/errata/RHSA-2022:0074
reference_id	RHSA-2022:0074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0074

reference_url	https://access.redhat.com/errata/RHSA-2022:0133
reference_id	RHSA-2022:0133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0133

reference_url	https://access.redhat.com/errata/RHSA-2022:0443
reference_id	RHSA-2022:0443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0443

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

reference_url	https://usn.ubuntu.com/5174-1/
reference_id	USN-5174-1
reference_type
scores
url	https://usn.ubuntu.com/5174-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25717

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu

url VCID-rmda-jcc9-2bam

vulnerability_id VCID-rmda-jcc9-2bam

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3738

reference_id

reference_type

scores

value	0.00401
scoring_system	epss
scoring_elements	0.61092
published_at	2026-06-04T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.61137
published_at	2026-06-09T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.61136
published_at	2026-06-07T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.61118
published_at	2026-06-08T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.61141
published_at	2026-06-05T12:55:00Z

value	0.00401
scoring_system	epss
scoring_elements	0.61148
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2021726
reference_id	2021726
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2021726

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-3738

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmda-jcc9-2bam

url VCID-rsz9-y661-qfce

vulnerability_id VCID-rsz9-y661-qfce

summary There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19344.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19344

reference_id

reference_type

scores

value	0.02193
scoring_system	epss
scoring_elements	0.84704
published_at	2026-06-04T12:55:00Z

value	0.02193
scoring_system	epss
scoring_elements	0.84728
published_at	2026-06-09T12:55:00Z

value	0.02193
scoring_system	epss
scoring_elements	0.84714
published_at	2026-06-08T12:55:00Z

value	0.02193
scoring_system	epss
scoring_elements	0.84732
published_at	2026-06-06T12:55:00Z

value	0.02193
scoring_system	epss
scoring_elements	0.84726
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19344

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791204
reference_id	1791204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791204

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499
reference_id	950499
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950499

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/4244-1/
reference_id	USN-4244-1
reference_type
scores
url	https://usn.ubuntu.com/4244-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-19344

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz9-y661-qfce

url VCID-ss54-ft8h-rufv

vulnerability_id VCID-ss54-ft8h-rufv

summary A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10197

reference_id

reference_type

scores

value	0.0479
scoring_system	epss
scoring_elements	0.89662
published_at	2026-06-04T12:55:00Z

value	0.0479
scoring_system	epss
scoring_elements	0.89679
published_at	2026-06-07T12:55:00Z

value	0.0479
scoring_system	epss
scoring_elements	0.8968
published_at	2026-06-08T12:55:00Z

value	0.0479
scoring_system	epss
scoring_elements	0.89696
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1746225
reference_id	1746225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1746225

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://access.redhat.com/errata/RHSA-2019:3253
reference_id	RHSA-2019:3253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3253

reference_url	https://access.redhat.com/errata/RHSA-2019:4023
reference_id	RHSA-2019:4023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4023

reference_url	https://access.redhat.com/errata/RHSA-2020:1084
reference_id	RHSA-2020:1084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1084

reference_url	https://access.redhat.com/errata/RHSA-2020:1878
reference_id	RHSA-2020:1878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1878

reference_url	https://usn.ubuntu.com/4121-1/
reference_id	USN-4121-1
reference_type
scores
url	https://usn.ubuntu.com/4121-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-10197

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss54-ft8h-rufv

url VCID-ssh4-ukvg-5fej

vulnerability_id VCID-ssh4-ukvg-5fej

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25721

reference_id

reference_type

scores

value	0.00366
scoring_system	epss
scoring_elements	0.58908
published_at	2026-06-04T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58951
published_at	2026-06-09T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58952
published_at	2026-06-07T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58936
published_at	2026-06-08T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58954
published_at	2026-06-05T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.5896
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2021728
reference_id	2021728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2021728

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25721

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssh4-ukvg-5fej

url VCID-t35b-ur7m-vqeu

vulnerability_id VCID-t35b-ur7m-vqeu

summary A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14383.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14383

reference_id

reference_type

scores

value	0.00465
scoring_system	epss
scoring_elements	0.64688
published_at	2026-06-04T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64735
published_at	2026-06-09T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64729
published_at	2026-06-05T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64738
published_at	2026-06-06T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64727
published_at	2026-06-07T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64716
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

reference_id

1892636

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1892636

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398
reference_id	973398
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973398

reference_url

https://www.samba.org/samba/security/CVE-2020-14383.html

reference_id

CVE-2020-14383.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://www.samba.org/samba/security/CVE-2020-14383.html

reference_url

reference_id

GLSA-202012-24

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T15:10:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html

reference_url	https://usn.ubuntu.com/4611-1/
reference_id	USN-4611-1
reference_type
scores
url	https://usn.ubuntu.com/4611-1/

reference_url	https://usn.ubuntu.com/4931-1/
reference_id	USN-4931-1
reference_type
scores
url	https://usn.ubuntu.com/4931-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-14383

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t35b-ur7m-vqeu

url VCID-u4fr-s35u-8khu

vulnerability_id VCID-u4fr-s35u-8khu

summary There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14902.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14902

reference_id

reference_type

scores

value	0.03503
scoring_system	epss
scoring_elements	0.87826
published_at	2026-06-04T12:55:00Z

value	0.03503
scoring_system	epss
scoring_elements	0.87848
published_at	2026-06-05T12:55:00Z

value	0.03503
scoring_system	epss
scoring_elements	0.87864
published_at	2026-06-09T12:55:00Z

value	0.03503
scoring_system	epss
scoring_elements	0.8785
published_at	2026-06-07T12:55:00Z

value	0.03503
scoring_system	epss
scoring_elements	0.87852
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14902

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1791201
reference_id	1791201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1791201

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/4244-1/
reference_id	USN-4244-1
reference_type
scores
url	https://usn.ubuntu.com/4244-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14902

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4fr-s35u-8khu

url VCID-uwmy-xe5s-yubn

vulnerability_id VCID-uwmy-xe5s-yubn

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25718

reference_id

reference_type

scores

value	0.00198
scoring_system	epss
scoring_elements	0.41646
published_at	2026-06-04T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41673
published_at	2026-06-09T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41698
published_at	2026-06-07T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41665
published_at	2026-06-08T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41721
published_at	2026-06-05T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41728
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019726
reference_id	2019726
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019726

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25718

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwmy-xe5s-yubn

url VCID-uyuw-v56z-93ez

vulnerability_id VCID-uyuw-v56z-93ez

summary samba: out-of-bounds read in winbind AUTH_CRAP

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2127.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2127

reference_id

reference_type

scores

value	0.01225
scoring_system	epss
scoring_elements	0.79467
published_at	2026-06-04T12:55:00Z

value	0.01225
scoring_system	epss
scoring_elements	0.79493
published_at	2026-06-07T12:55:00Z

value	0.01225
scoring_system	epss
scoring_elements	0.79494
published_at	2026-06-05T12:55:00Z

value	0.01225
scoring_system	epss
scoring_elements	0.795
published_at	2026-06-06T12:55:00Z

value	0.01225
scoring_system	epss
scoring_elements	0.79501
published_at	2026-06-09T12:55:00Z

value	0.01225
scoring_system	epss
scoring_elements	0.79483
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2222791

reference_id

2222791

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2222791

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage
reference_id	cpe:/a:redhat:enterprise_linux:9::resilientstorage
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::resilientstorage

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id	cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id	cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3
reference_id	cpe:/a:redhat:storage:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:storage:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id	cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8

reference_url

https://access.redhat.com/security/cve/CVE-2022-2127

reference_id

CVE-2022-2127

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://access.redhat.com/security/cve/CVE-2022-2127

reference_url

https://www.samba.org/samba/security/CVE-2022-2127.html

reference_id

CVE-2022-2127.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://www.samba.org/samba/security/CVE-2022-2127.html

reference_url	https://security.gentoo.org/glsa/202402-28
reference_id	GLSA-202402-28
reference_type
scores
url	https://security.gentoo.org/glsa/202402-28

reference_url

https://access.redhat.com/errata/RHSA-2023:6667

reference_id

RHSA-2023:6667

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://access.redhat.com/errata/RHSA-2023:6667

reference_url

https://access.redhat.com/errata/RHSA-2023:7139

reference_id

RHSA-2023:7139

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://access.redhat.com/errata/RHSA-2023:7139

reference_url

https://access.redhat.com/errata/RHSA-2024:0423

reference_id

RHSA-2024:0423

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://access.redhat.com/errata/RHSA-2024:0423

reference_url

https://access.redhat.com/errata/RHSA-2024:0580

reference_id

RHSA-2024:0580

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:21:45Z/

url

https://access.redhat.com/errata/RHSA-2024:0580

reference_url	https://usn.ubuntu.com/6238-1/
reference_id	USN-6238-1
reference_type
scores
url	https://usn.ubuntu.com/6238-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-2127

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyuw-v56z-93ez

url VCID-vrxh-bq3q-xudq

vulnerability_id VCID-vrxh-bq3q-xudq

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2031.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2031

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57804
published_at	2026-06-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57859
published_at	2026-06-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57855
published_at	2026-06-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57842
published_at	2026-06-08T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57857
published_at	2026-06-05T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57866
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449
reference_id	1016449
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2094789
reference_id	2094789
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2094789

reference_url

reference_id

AVG-2782

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5542-1/
reference_id	USN-5542-1
reference_type
scores
url	https://usn.ubuntu.com/5542-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-2031

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrxh-bq3q-xudq

url VCID-wc26-trz1-u7fv

vulnerability_id VCID-wc26-trz1-u7fv

summary A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10704.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10704

reference_id

reference_type

scores

value	0.14522
scoring_system	epss
scoring_elements	0.94579
published_at	2026-06-04T12:55:00Z

value	0.14522
scoring_system	epss
scoring_elements	0.94588
published_at	2026-06-05T12:55:00Z

value	0.14522
scoring_system	epss
scoring_elements	0.94589
published_at	2026-06-06T12:55:00Z

value	0.14522
scoring_system	epss
scoring_elements	0.9459
published_at	2026-06-07T12:55:00Z

value	0.14522
scoring_system	epss
scoring_elements	0.94591
published_at	2026-06-08T12:55:00Z

value	0.14522
scoring_system	epss
scoring_elements	0.94597
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10704

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1825734
reference_id	1825734
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1825734

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188
reference_id	960188
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960188

reference_url	https://security.gentoo.org/glsa/202007-15
reference_id	GLSA-202007-15
reference_type
scores
url	https://security.gentoo.org/glsa/202007-15

reference_url	https://usn.ubuntu.com/4341-1/
reference_id	USN-4341-1
reference_type
scores
url	https://usn.ubuntu.com/4341-1/

reference_url	https://usn.ubuntu.com/4341-2/
reference_id	USN-4341-2
reference_type
scores
url	https://usn.ubuntu.com/4341-2/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-10704

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc26-trz1-u7fv

url VCID-y3rv-fdkr-qyd2

vulnerability_id VCID-y3rv-fdkr-qyd2

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0336.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0336

reference_id

reference_type

scores

value	0.00382
scoring_system	epss
scoring_elements	0.59871
published_at	2026-06-04T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.59895
published_at	2026-06-08T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.59923
published_at	2026-06-06T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.59913
published_at	2026-06-09T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.5992
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0336

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694
reference_id	1004694
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004694

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2046134
reference_id	2046134
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2046134

reference_url

reference_id

AVG-2648

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://usn.ubuntu.com/5260-1/
reference_id	USN-5260-1
reference_type
scores
url	https://usn.ubuntu.com/5260-1/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2022-0336

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3rv-fdkr-qyd2

url VCID-ytdy-akzb-a7e1

vulnerability_id VCID-ytdy-akzb-a7e1

summary All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default permissions on the DNS partition allow creation of new records by authenticated users. This is used for example to allow machines to self-register in DNS. If a DNS record was created that case-insensitively matched the name of the zone, the ldb_qsort() and dns_name_compare() routines could be confused into reading memory prior to the list of DNS entries when responding to DnssrvEnumRecords() or DnssrvEnumRecords2() and so following invalid memory as a pointer.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14861.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14861

reference_id

reference_type

scores

value	0.04997
scoring_system	epss
scoring_elements	0.8991
published_at	2026-06-09T12:55:00Z

value	0.04997
scoring_system	epss
scoring_elements	0.89881
published_at	2026-06-04T12:55:00Z

value	0.04997
scoring_system	epss
scoring_elements	0.89897
published_at	2026-06-05T12:55:00Z

value	0.04997
scoring_system	epss
scoring_elements	0.89898
published_at	2026-06-06T12:55:00Z

value	0.04997
scoring_system	epss
scoring_elements	0.89895
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1778586
reference_id	1778586
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1778586

reference_url

http://www.openwall.com/lists/oss-security/2024/06/24/3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

http://www.openwall.com/lists/oss-security/2024/06/24/3

reference_url

https://usn.ubuntu.com/4217-1/

reference_id

4217-1

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://usn.ubuntu.com/4217-1/

reference_url

https://usn.ubuntu.com/4217-2/

reference_id

4217-2

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://usn.ubuntu.com/4217-2/

reference_url

https://www.samba.org/samba/security/CVE-2019-14861.html

reference_id

CVE-2019-14861.html

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://www.samba.org/samba/security/CVE-2019-14861.html

reference_url

https://security.gentoo.org/glsa/202003-52

reference_id

GLSA-202003-52

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://security.gentoo.org/glsa/202003-52

reference_url

https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html

reference_url

https://security.netapp.com/advisory/ntap-20191210-0002/

reference_id

ntap-20191210-0002

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://security.netapp.com/advisory/ntap-20191210-0002/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJH3ROOFYMOATD2UEPC47P5RPBDTY77E/

reference_id

PJH3ROOFYMOATD2UEPC47P5RPBDTY77E

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJH3ROOFYMOATD2UEPC47P5RPBDTY77E/

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861

reference_id

show_bug.cgi?id=CVE-2019-14861

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14861

reference_url

https://www.synology.com/security/advisory/Synology_SA_19_40

reference_id

Synology_SA_19_40

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://www.synology.com/security/advisory/Synology_SA_19_40

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/

reference_id

WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T15:36:30Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/

fixed_packages

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2019-14861

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ytdy-akzb-a7e1

Fixing_vulnerabilities

url VCID-1drk-e3vx-wbe8

vulnerability_id VCID-1drk-e3vx-wbe8

summary A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1139.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1139

reference_id

reference_type

scores

value	0.0162
scoring_system	epss
scoring_elements	0.82164
published_at	2026-06-04T12:55:00Z

value	0.0162
scoring_system	epss
scoring_elements	0.82193
published_at	2026-06-05T12:55:00Z

value	0.0162
scoring_system	epss
scoring_elements	0.82195
published_at	2026-06-06T12:55:00Z

value	0.0162
scoring_system	epss
scoring_elements	0.82196
published_at	2026-06-07T12:55:00Z

value	0.0162
scoring_system	epss
scoring_elements	0.8219
published_at	2026-06-08T12:55:00Z

value	0.0162
scoring_system	epss
scoring_elements	0.82204
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1139

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1589651
reference_id	1589651
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1589651

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://access.redhat.com/errata/RHSA-2018:2612
reference_id	RHSA-2018:2612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2612

reference_url	https://access.redhat.com/errata/RHSA-2018:2613
reference_id	RHSA-2018:2613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2613

reference_url	https://access.redhat.com/errata/RHSA-2018:3056
reference_id	RHSA-2018:3056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3056

reference_url	https://usn.ubuntu.com/3738-1/
reference_id	USN-3738-1
reference_type
scores
url	https://usn.ubuntu.com/3738-1/

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-1139

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1drk-e3vx-wbe8

url VCID-1yzz-fu2r-rqgy

vulnerability_id VCID-1yzz-fu2r-rqgy

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json

reference_id

reference_type

scores

value	9.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44142.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-44142

reference_id

reference_type

scores

value	0.35695
scoring_system	epss
scoring_elements	0.97161
published_at	2026-06-04T12:55:00Z

value	0.35695
scoring_system	epss
scoring_elements	0.97167
published_at	2026-06-06T12:55:00Z

value	0.35695
scoring_system	epss
scoring_elements	0.9717
published_at	2026-06-09T12:55:00Z

value	0.35695
scoring_system	epss
scoring_elements	0.97169
published_at	2026-06-08T12:55:00Z

value	0.35695
scoring_system	epss
scoring_elements	0.97168
published_at	2026-06-07T12:55:00Z

value	0.35695
scoring_system	epss
scoring_elements	0.97165
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-44142

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693
reference_id	1004693
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004693

reference_url

reference_id

119678

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2046146
reference_id	2046146
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2046146

reference_url

reference_id

AVG-2648

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_url

reference_id

cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

reference_url

https://www.samba.org/samba/security/CVE-2021-44142.html

reference_id

CVE-2021-44142.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://www.samba.org/samba/security/CVE-2021-44142.html

reference_url

reference_id

GLSA-202309-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

reference_url	https://access.redhat.com/errata/RHSA-2022:0328
reference_id	RHSA-2022:0328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0328

reference_url	https://access.redhat.com/errata/RHSA-2022:0329
reference_id	RHSA-2022:0329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0329

reference_url	https://access.redhat.com/errata/RHSA-2022:0330
reference_id	RHSA-2022:0330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0330

reference_url	https://access.redhat.com/errata/RHSA-2022:0331
reference_id	RHSA-2022:0331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0331

reference_url	https://access.redhat.com/errata/RHSA-2022:0332
reference_id	RHSA-2022:0332
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0332

reference_url	https://access.redhat.com/errata/RHSA-2022:0457
reference_id	RHSA-2022:0457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0457

reference_url	https://access.redhat.com/errata/RHSA-2022:0458
reference_id	RHSA-2022:0458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0458

reference_url	https://access.redhat.com/errata/RHSA-2022:0663
reference_id	RHSA-2022:0663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0663

reference_url	https://access.redhat.com/errata/RHSA-2022:0664
reference_id	RHSA-2022:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0664

reference_url

reference_id

show_bug.cgi?id=14914

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:30:59Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json

reference_url	https://usn.ubuntu.com/5260-1/
reference_id	USN-5260-1
reference_type
scores
url	https://usn.ubuntu.com/5260-1/

reference_url	https://usn.ubuntu.com/5260-2/
reference_id	USN-5260-2
reference_type
scores
url	https://usn.ubuntu.com/5260-2/

reference_url	https://usn.ubuntu.com/5260-3/
reference_id	USN-5260-3
reference_type
scores
url	https://usn.ubuntu.com/5260-3/

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2021-44142

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yzz-fu2r-rqgy

url VCID-26vq-jj49-byez

vulnerability_id VCID-26vq-jj49-byez

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16841.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16841

reference_id

reference_type

scores

value	0.09452
scoring_system	epss
scoring_elements	0.92965
published_at	2026-06-04T12:55:00Z

value	0.09452
scoring_system	epss
scoring_elements	0.92976
published_at	2026-06-09T12:55:00Z

value	0.09452
scoring_system	epss
scoring_elements	0.92968
published_at	2026-06-07T12:55:00Z

value	0.09452
scoring_system	epss
scoring_elements	0.92966
published_at	2026-06-08T12:55:00Z

value	0.09452
scoring_system	epss
scoring_elements	0.92975
published_at	2026-06-05T12:55:00Z

value	0.09452
scoring_system	epss
scoring_elements	0.92972
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1642545
reference_id	1642545
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1642545

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/3827-1/
reference_id	USN-3827-1
reference_type
scores
url	https://usn.ubuntu.com/3827-1/

reference_url	https://usn.ubuntu.com/3827-2/
reference_id	USN-3827-2
reference_type
scores
url	https://usn.ubuntu.com/3827-2/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-16841

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26vq-jj49-byez

url VCID-35qh-y7xf-nkdn

vulnerability_id VCID-35qh-y7xf-nkdn

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16851.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16851

reference_id

reference_type

scores

value	0.08925
scoring_system	epss
scoring_elements	0.92732
published_at	2026-06-04T12:55:00Z

value	0.08925
scoring_system	epss
scoring_elements	0.92747
published_at	2026-06-09T12:55:00Z

value	0.08925
scoring_system	epss
scoring_elements	0.92735
published_at	2026-06-07T12:55:00Z

value	0.08925
scoring_system	epss
scoring_elements	0.92733
published_at	2026-06-08T12:55:00Z

value	0.08925
scoring_system	epss
scoring_elements	0.92744
published_at	2026-06-05T12:55:00Z

value	0.08925
scoring_system	epss
scoring_elements	0.9274
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1646377
reference_id	1646377
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1646377

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/3827-1/
reference_id	USN-3827-1
reference_type
scores
url	https://usn.ubuntu.com/3827-1/

reference_url	https://usn.ubuntu.com/3827-2/
reference_id	USN-3827-2
reference_type
scores
url	https://usn.ubuntu.com/3827-2/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-16851

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35qh-y7xf-nkdn

url VCID-3ddh-cm8f-nuf2

vulnerability_id VCID-3ddh-cm8f-nuf2

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1050.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1050

reference_id

reference_type

scores

value	0.19654
scoring_system	epss
scoring_elements	0.95539
published_at	2026-06-04T12:55:00Z

value	0.19654
scoring_system	epss
scoring_elements	0.95557
published_at	2026-06-09T12:55:00Z

value	0.19654
scoring_system	epss
scoring_elements	0.95552
published_at	2026-06-07T12:55:00Z

value	0.19654
scoring_system	epss
scoring_elements	0.95553
published_at	2026-06-08T12:55:00Z

value	0.19654
scoring_system	epss
scoring_elements	0.95547
published_at	2026-06-05T12:55:00Z

value	0.19654
scoring_system	epss
scoring_elements	0.9555
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1538771
reference_id	1538771
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1538771

reference_url	https://security.archlinux.org/ASA-201803-10
reference_id	ASA-201803-10
reference_type
scores
url	https://security.archlinux.org/ASA-201803-10

reference_url

reference_id

AVG-651

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json

reference_url	https://security.gentoo.org/glsa/201805-07
reference_id	GLSA-201805-07
reference_type
scores
url	https://security.gentoo.org/glsa/201805-07

reference_url	https://access.redhat.com/errata/RHSA-2018:1860
reference_id	RHSA-2018:1860
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1860

reference_url	https://access.redhat.com/errata/RHSA-2018:1883
reference_id	RHSA-2018:1883
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1883

reference_url	https://access.redhat.com/errata/RHSA-2018:2612
reference_id	RHSA-2018:2612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2612

reference_url	https://access.redhat.com/errata/RHSA-2018:2613
reference_id	RHSA-2018:2613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2613

reference_url	https://access.redhat.com/errata/RHSA-2018:3056
reference_id	RHSA-2018:3056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3056

reference_url	https://usn.ubuntu.com/3595-1/
reference_id	USN-3595-1
reference_type
scores
url	https://usn.ubuntu.com/3595-1/

reference_url	https://usn.ubuntu.com/3595-2/
reference_id	USN-3595-2
reference_type
scores
url	https://usn.ubuntu.com/3595-2/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-1050

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddh-cm8f-nuf2

url VCID-44hn-cr8c-akft

vulnerability_id VCID-44hn-cr8c-akft

summary It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.

references

reference_url

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12150.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12150

reference_id

reference_type

scores

value	0.21657
scoring_system	epss
scoring_elements	0.95848
published_at	2026-06-09T12:55:00Z

value	0.221
scoring_system	epss
scoring_elements	0.95901
published_at	2026-06-05T12:55:00Z

value	0.221
scoring_system	epss
scoring_elements	0.95904
published_at	2026-06-07T12:55:00Z

value	0.221
scoring_system	epss
scoring_elements	0.95905
published_at	2026-06-08T12:55:00Z

value	0.221
scoring_system	epss
scoring_elements	0.95897
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv2
scoring_elements	AV:A/AC:H/Au:N/C:C/I:C/A:N

value	8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1488400
reference_id	1488400
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1488400

reference_url	https://access.redhat.com/errata/RHSA-2017:2789
reference_id	RHSA-2017:2789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2789

reference_url	https://access.redhat.com/errata/RHSA-2017:2790
reference_id	RHSA-2017:2790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2790

reference_url	https://access.redhat.com/errata/RHSA-2017:2791
reference_id	RHSA-2017:2791
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2791

reference_url	https://access.redhat.com/errata/RHSA-2017:2858
reference_id	RHSA-2017:2858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2858

reference_url	https://usn.ubuntu.com/3426-1/
reference_id	USN-3426-1
reference_type
scores
url	https://usn.ubuntu.com/3426-1/

reference_url	https://usn.ubuntu.com/3426-2/
reference_id	USN-3426-2
reference_type
scores
url	https://usn.ubuntu.com/3426-2/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-12150

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44hn-cr8c-akft

url VCID-53zv-2nms-e3da

vulnerability_id VCID-53zv-2nms-e3da

summary Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11103.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11103

reference_id

reference_type

scores

value	0.05637
scoring_system	epss
scoring_elements	0.9051
published_at	2026-06-04T12:55:00Z

value	0.05637
scoring_system	epss
scoring_elements	0.90524
published_at	2026-06-05T12:55:00Z

value	0.05637
scoring_system	epss
scoring_elements	0.90525
published_at	2026-06-06T12:55:00Z

value	0.05637
scoring_system	epss
scoring_elements	0.90523
published_at	2026-06-07T12:55:00Z

value	0.05637
scoring_system	epss
scoring_elements	0.90522
published_at	2026-06-08T12:55:00Z

value	0.05637
scoring_system	epss
scoring_elements	0.90538
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1469976
reference_id	1469976
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1469976

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208
reference_id	868208
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868208

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209
reference_id	868209
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868209

reference_url	https://usn.ubuntu.com/3353-1/
reference_id	USN-3353-1
reference_type
scores
url	https://usn.ubuntu.com/3353-1/

reference_url	https://usn.ubuntu.com/3353-2/
reference_id	USN-3353-2
reference_type
scores
url	https://usn.ubuntu.com/3353-2/

reference_url	https://usn.ubuntu.com/3353-3/
reference_id	USN-3353-3
reference_type
scores
url	https://usn.ubuntu.com/3353-3/

reference_url	https://usn.ubuntu.com/3353-4/
reference_id	USN-3353-4
reference_type
scores
url	https://usn.ubuntu.com/3353-4/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-11103

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53zv-2nms-e3da

url VCID-5uh7-w6s9-47gr

vulnerability_id VCID-5uh7-w6s9-47gr

summary The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10919.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10919

reference_id

reference_type

scores

value	0.01373
scoring_system	epss
scoring_elements	0.80567
published_at	2026-06-04T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80594
published_at	2026-06-05T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80596
published_at	2026-06-06T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80592
published_at	2026-06-07T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80588
published_at	2026-06-08T12:55:00Z

value	0.01373
scoring_system	epss
scoring_elements	0.80609
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1610645
reference_id	1610645
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1610645

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/3738-1/
reference_id	USN-3738-1
reference_type
scores
url	https://usn.ubuntu.com/3738-1/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-10919

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5uh7-w6s9-47gr

url VCID-688u-s2a3-8fha

vulnerability_id VCID-688u-s2a3-8fha

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15275.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15275

reference_id

reference_type

scores

value	0.4327
scoring_system	epss
scoring_elements	0.97572
published_at	2026-06-04T12:55:00Z

value	0.4327
scoring_system	epss
scoring_elements	0.97581
published_at	2026-06-09T12:55:00Z

value	0.4327
scoring_system	epss
scoring_elements	0.97578
published_at	2026-06-06T12:55:00Z

value	0.4327
scoring_system	epss
scoring_elements	0.97577
published_at	2026-06-07T12:55:00Z

value	0.4327
scoring_system	epss
scoring_elements	0.97579
published_at	2026-06-08T12:55:00Z

value	0.4327
scoring_system	epss
scoring_elements	0.97576
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15275

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1512465
reference_id	1512465
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1512465

reference_url	https://security.archlinux.org/ASA-201712-1
reference_id	ASA-201712-1
reference_type
scores
url	https://security.archlinux.org/ASA-201712-1

reference_url

reference_id

AVG-535

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json

reference_url	https://security.gentoo.org/glsa/201805-07
reference_id	GLSA-201805-07
reference_type
scores
url	https://security.gentoo.org/glsa/201805-07

reference_url	https://access.redhat.com/errata/RHSA-2017:3260
reference_id	RHSA-2017:3260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3260

reference_url	https://access.redhat.com/errata/RHSA-2017:3261
reference_id	RHSA-2017:3261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3261

reference_url	https://access.redhat.com/errata/RHSA-2017:3278
reference_id	RHSA-2017:3278
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3278

reference_url	https://usn.ubuntu.com/3486-1/
reference_id	USN-3486-1
reference_type
scores
url	https://usn.ubuntu.com/3486-1/

reference_url	https://usn.ubuntu.com/3486-2/
reference_id	USN-3486-2
reference_type
scores
url	https://usn.ubuntu.com/3486-2/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-15275

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-688u-s2a3-8fha

url VCID-92g2-se8k-ybh5

vulnerability_id VCID-92g2-se8k-ybh5

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16853.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16853

reference_id

reference_type

scores

value	0.04908
scoring_system	epss
scoring_elements	0.89783
published_at	2026-06-04T12:55:00Z

value	0.04908
scoring_system	epss
scoring_elements	0.89799
published_at	2026-06-08T12:55:00Z

value	0.04908
scoring_system	epss
scoring_elements	0.89801
published_at	2026-06-06T12:55:00Z

value	0.04908
scoring_system	epss
scoring_elements	0.89815
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16853

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1647246
reference_id	1647246
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1647246

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-16853

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92g2-se8k-ybh5

url VCID-ddag-h7en-efed

vulnerability_id VCID-ddag-h7en-efed

summary A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.

references

reference_url

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3880.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3880

reference_id

reference_type

scores

value	0.03388
scoring_system	epss
scoring_elements	0.87614
published_at	2026-06-04T12:55:00Z

value	0.03388
scoring_system	epss
scoring_elements	0.87635
published_at	2026-06-08T12:55:00Z

value	0.03388
scoring_system	epss
scoring_elements	0.87647
published_at	2026-06-09T12:55:00Z

value	0.03388
scoring_system	epss
scoring_elements	0.87636
published_at	2026-06-06T12:55:00Z

value	0.03388
scoring_system	epss
scoring_elements	0.87634
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3880

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1691518
reference_id	1691518
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1691518

reference_url	https://access.redhat.com/errata/RHSA-2019:1966
reference_id	RHSA-2019:1966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1966

reference_url	https://access.redhat.com/errata/RHSA-2019:1967
reference_id	RHSA-2019:1967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1967

reference_url	https://access.redhat.com/errata/RHSA-2019:2099
reference_id	RHSA-2019:2099
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2099

reference_url	https://access.redhat.com/errata/RHSA-2019:3582
reference_id	RHSA-2019:3582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3582

reference_url	https://usn.ubuntu.com/3939-1/
reference_id	USN-3939-1
reference_type
scores
url	https://usn.ubuntu.com/3939-1/

reference_url	https://usn.ubuntu.com/3939-2/
reference_id	USN-3939-2
reference_type
scores
url	https://usn.ubuntu.com/3939-2/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2019-3880

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddag-h7en-efed

url VCID-dtxj-7cam-x3g9

vulnerability_id VCID-dtxj-7cam-x3g9

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14629.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14629

reference_id

reference_type

scores

value	0.08971
scoring_system	epss
scoring_elements	0.92753
published_at	2026-06-04T12:55:00Z

value	0.08971
scoring_system	epss
scoring_elements	0.92769
published_at	2026-06-09T12:55:00Z

value	0.08971
scoring_system	epss
scoring_elements	0.92756
published_at	2026-06-07T12:55:00Z

value	0.08971
scoring_system	epss
scoring_elements	0.92754
published_at	2026-06-08T12:55:00Z

value	0.08971
scoring_system	epss
scoring_elements	0.92765
published_at	2026-06-05T12:55:00Z

value	0.08971
scoring_system	epss
scoring_elements	0.9276
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1625449
reference_id	1625449
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1625449

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://usn.ubuntu.com/3827-1/
reference_id	USN-3827-1
reference_type
scores
url	https://usn.ubuntu.com/3827-1/

reference_url	https://usn.ubuntu.com/3827-2/
reference_id	USN-3827-2
reference_type
scores
url	https://usn.ubuntu.com/3827-2/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-14629

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtxj-7cam-x3g9

url VCID-e45f-ty2v-g7g8

vulnerability_id VCID-e45f-ty2v-g7g8

summary A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.

references

reference_url

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12151.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12151

reference_id

reference_type

scores

value	0.04146
scoring_system	epss
scoring_elements	0.88852
published_at	2026-06-04T12:55:00Z

value	0.04146
scoring_system	epss
scoring_elements	0.88869
published_at	2026-06-06T12:55:00Z

value	0.04146
scoring_system	epss
scoring_elements	0.88867
published_at	2026-06-07T12:55:00Z

value	0.05265
scoring_system	epss
scoring_elements	0.90188
published_at	2026-06-09T12:55:00Z

value	0.05265
scoring_system	epss
scoring_elements	0.90173
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:M/Au:N/C:C/I:C/A:N

value	8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1488197
reference_id	1488197
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1488197

reference_url	https://access.redhat.com/errata/RHSA-2017:2790
reference_id	RHSA-2017:2790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2790

reference_url	https://access.redhat.com/errata/RHSA-2017:2858
reference_id	RHSA-2017:2858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2858

reference_url	https://usn.ubuntu.com/3426-1/
reference_id	USN-3426-1
reference_type
scores
url	https://usn.ubuntu.com/3426-1/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-12151

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e45f-ty2v-g7g8

url VCID-jeut-pn1j-gfg6

vulnerability_id VCID-jeut-pn1j-gfg6

summary A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10858.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10858

reference_id

reference_type

scores

value	0.0594
scoring_system	epss
scoring_elements	0.90803
published_at	2026-06-04T12:55:00Z

value	0.0594
scoring_system	epss
scoring_elements	0.90817
published_at	2026-06-06T12:55:00Z

value	0.0594
scoring_system	epss
scoring_elements	0.90829
published_at	2026-06-09T12:55:00Z

value	0.0594
scoring_system	epss
scoring_elements	0.90815
published_at	2026-06-07T12:55:00Z

value	0.0594
scoring_system	epss
scoring_elements	0.90813
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1612805
reference_id	1612805
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1612805

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

reference_url	https://access.redhat.com/errata/RHSA-2018:2612
reference_id	RHSA-2018:2612
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2612

reference_url	https://access.redhat.com/errata/RHSA-2018:2613
reference_id	RHSA-2018:2613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2613

reference_url	https://access.redhat.com/errata/RHSA-2018:3056
reference_id	RHSA-2018:3056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3056

reference_url	https://access.redhat.com/errata/RHSA-2018:3470
reference_id	RHSA-2018:3470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3470

reference_url	https://usn.ubuntu.com/3738-1/
reference_id	USN-3738-1
reference_type
scores
url	https://usn.ubuntu.com/3738-1/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-10858

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeut-pn1j-gfg6

url VCID-jmm9-r3u7-zufe

vulnerability_id VCID-jmm9-r3u7-zufe

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14746.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14746

reference_id

reference_type

scores

value	0.31253
scoring_system	epss
scoring_elements	0.96867
published_at	2026-06-08T12:55:00Z

value	0.31253
scoring_system	epss
scoring_elements	0.96859
published_at	2026-06-04T12:55:00Z

value	0.31253
scoring_system	epss
scoring_elements	0.96868
published_at	2026-06-07T12:55:00Z

value	0.31253
scoring_system	epss
scoring_elements	0.96871
published_at	2026-06-09T12:55:00Z

value	0.31253
scoring_system	epss
scoring_elements	0.96863
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1511899
reference_id	1511899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1511899

reference_url	https://security.archlinux.org/ASA-201712-1
reference_id	ASA-201712-1
reference_type
scores
url	https://security.archlinux.org/ASA-201712-1

reference_url

reference_id

AVG-535

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json

reference_url	https://security.gentoo.org/glsa/201805-07
reference_id	GLSA-201805-07
reference_type
scores
url	https://security.gentoo.org/glsa/201805-07

reference_url	https://access.redhat.com/errata/RHSA-2017:3260
reference_id	RHSA-2017:3260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3260

reference_url	https://access.redhat.com/errata/RHSA-2017:3261
reference_id	RHSA-2017:3261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3261

reference_url	https://access.redhat.com/errata/RHSA-2017:3278
reference_id	RHSA-2017:3278
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3278

reference_url	https://usn.ubuntu.com/3486-1/
reference_id	USN-3486-1
reference_type
scores
url	https://usn.ubuntu.com/3486-1/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-14746

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmm9-r3u7-zufe

url VCID-jnby-fw2x-xyf4

vulnerability_id VCID-jnby-fw2x-xyf4

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1057.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1057

reference_id

reference_type

scores

value	0.07722
scoring_system	epss
scoring_elements	0.92075
published_at	2026-06-04T12:55:00Z

value	0.07722
scoring_system	epss
scoring_elements	0.92088
published_at	2026-06-05T12:55:00Z

value	0.07722
scoring_system	epss
scoring_elements	0.92085
published_at	2026-06-06T12:55:00Z

value	0.07722
scoring_system	epss
scoring_elements	0.92083
published_at	2026-06-07T12:55:00Z

value	0.07722
scoring_system	epss
scoring_elements	0.92084
published_at	2026-06-08T12:55:00Z

value	0.07722
scoring_system	epss
scoring_elements	0.92098
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1057

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1553553
reference_id	1553553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1553553

reference_url	https://security.archlinux.org/ASA-201803-10
reference_id	ASA-201803-10
reference_type
scores
url	https://security.archlinux.org/ASA-201803-10

reference_url

reference_id

AVG-651

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json

reference_url	https://security.gentoo.org/glsa/201805-07
reference_id	GLSA-201805-07
reference_type
scores
url	https://security.gentoo.org/glsa/201805-07

reference_url	https://usn.ubuntu.com/3595-1/
reference_id	USN-3595-1
reference_type
scores
url	https://usn.ubuntu.com/3595-1/

fixed_packages

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-1057

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jnby-fw2x-xyf4

url VCID-mktu-yt4c-tkfq

vulnerability_id VCID-mktu-yt4c-tkfq

summary Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12435.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12435

reference_id

reference_type

scores

value	0.03816
scoring_system	epss
scoring_elements	0.88321
published_at	2026-06-04T12:55:00Z

value	0.03816
scoring_system	epss
scoring_elements	0.88339
published_at	2026-06-05T12:55:00Z

value	0.03816
scoring_system	epss
scoring_elements	0.88357
published_at	2026-06-09T12:55:00Z

value	0.03816
scoring_system	epss
scoring_elements	0.88341
published_at	2026-06-08T12:55:00Z

value	0.03816
scoring_system	epss
scoring_elements	0.8834
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12435

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12435

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1711816
reference_id	1711816
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1711816

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748
reference_id	930748
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930748

reference_url	https://usn.ubuntu.com/4018-1/
reference_id	USN-4018-1
reference_type
scores
url	https://usn.ubuntu.com/4018-1/

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2019-12435

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mktu-yt4c-tkfq

url VCID-nazc-kauc-rqb6

vulnerability_id VCID-nazc-kauc-rqb6

summary An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12163.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12163

reference_id

reference_type

scores

value	0.41375
scoring_system	epss
scoring_elements	0.97485
published_at	2026-06-09T12:55:00Z

value	0.41375
scoring_system	epss
scoring_elements	0.97477
published_at	2026-06-04T12:55:00Z

value	0.41375
scoring_system	epss
scoring_elements	0.97483
published_at	2026-06-07T12:55:00Z

value	0.41375
scoring_system	epss
scoring_elements	0.97484
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12163

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12163

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1491206
reference_id	1491206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1491206

reference_url	https://access.redhat.com/errata/RHSA-2017:2789
reference_id	RHSA-2017:2789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2789

reference_url	https://access.redhat.com/errata/RHSA-2017:2790
reference_id	RHSA-2017:2790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2790

reference_url	https://access.redhat.com/errata/RHSA-2017:2791
reference_id	RHSA-2017:2791
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2791

reference_url	https://access.redhat.com/errata/RHSA-2017:2858
reference_id	RHSA-2017:2858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2858

reference_url	https://usn.ubuntu.com/3426-1/
reference_id	USN-3426-1
reference_type
scores
url	https://usn.ubuntu.com/3426-1/

reference_url	https://usn.ubuntu.com/3426-2/
reference_id	USN-3426-2
reference_type
scores
url	https://usn.ubuntu.com/3426-2/

fixed_packages

url pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

purl pkg:deb/debian/samba@2:4.2.14%2Bdfsg-0%2Bdeb8u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-6pd7-pxth-3faj

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8tyg-f73c-zuh3

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-94d3-5rgf-x3dh

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-apjj-ezss-a3hj

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-b9y4-s6nz-kkby

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-eaxm-5jgj-eqcg

vulnerability	VCID-egeg-4ds7-d3d1

vulnerability	VCID-enbr-g8ae-ubbc

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hbe8-zptv-f7dr

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m364-w7f6-aug7

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-n6xc-pvqq-9bgs

vulnerability	VCID-n9bw-bctz-pqfx

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-p4mk-1t9q-sbb3

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vedj-x1yz-3uec

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vtne-we7s-tuet

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-xvjy-amhr-z3d8

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-yt92-mfwy-z7er

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.2.14%252Bdfsg-0%252Bdeb8u9

url pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

purl pkg:deb/debian/samba@2:4.5.16%2Bdfsg-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1drk-e3vx-wbe8

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-26vq-jj49-byez

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-35qh-y7xf-nkdn

vulnerability	VCID-3ddh-cm8f-nuf2

vulnerability	VCID-44hn-cr8c-akft

vulnerability	VCID-53zv-2nms-e3da

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-5uh7-w6s9-47gr

vulnerability	VCID-688u-s2a3-8fha

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-92g2-se8k-ybh5

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-ddag-h7en-efed

vulnerability	VCID-dtxj-7cam-x3g9

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-e45f-ty2v-g7g8

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-jeut-pn1j-gfg6

vulnerability	VCID-jmm9-r3u7-zufe

vulnerability	VCID-jnby-fw2x-xyf4

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mktu-yt4c-tkfq

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-nazc-kauc-rqb6

vulnerability	VCID-nhvj-h5wu-xfgy

vulnerability	VCID-njb3-9hmh-s3cg

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-sg5x-7v6b-ffgk

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-tbhp-xkw4-hucg

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-vutz-f18f-z7a2

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

vulnerability	VCID-yxjb-u3xu-9kcc

vulnerability	VCID-zcfp-hhne-tuf2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.5.16%252Bdfsg-1%252Bdeb9u2

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2017-12163

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nazc-kauc-rqb6

url VCID-nhvj-h5wu-xfgy

vulnerability_id VCID-nhvj-h5wu-xfgy

summary A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3870.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3870

reference_id

reference_type

scores

value	0.0055
scoring_system	epss
scoring_elements	0.6834
published_at	2026-06-04T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68383
published_at	2026-06-09T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.6839
published_at	2026-06-06T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68368
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3870

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1689010
reference_id	1689010
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1689010

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2019-3870

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nhvj-h5wu-xfgy

url VCID-njb3-9hmh-s3cg

vulnerability_id VCID-njb3-9hmh-s3cg

summary multiple issues

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16857

reference_id

reference_type

scores

value	0.0224
scoring_system	epss
scoring_elements	0.84863
published_at	2026-06-04T12:55:00Z

value	0.0224
scoring_system	epss
scoring_elements	0.84889
published_at	2026-06-09T12:55:00Z

value	0.0224
scoring_system	epss
scoring_elements	0.84885
published_at	2026-06-07T12:55:00Z

value	0.0224
scoring_system	epss
scoring_elements	0.84875
published_at	2026-06-08T12:55:00Z

value	0.0224
scoring_system	epss
scoring_elements	0.84886
published_at	2026-06-05T12:55:00Z

value	0.0224
scoring_system	epss
scoring_elements	0.84891
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1649278
reference_id	1649278
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1649278

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json

reference_url	https://security.gentoo.org/glsa/202003-52
reference_id	GLSA-202003-52
reference_type
scores
url	https://security.gentoo.org/glsa/202003-52

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

aliases CVE-2018-16857

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-njb3-9hmh-s3cg

url VCID-r7zv-4yyc-mqeu

vulnerability_id VCID-r7zv-4yyc-mqeu

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25717.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25717

reference_id

reference_type

scores

value	0.00517
scoring_system	epss
scoring_elements	0.67053
published_at	2026-06-04T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67085
published_at	2026-06-09T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67087
published_at	2026-06-07T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67069
published_at	2026-06-08T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67094
published_at	2026-06-05T12:55:00Z

value	0.00517
scoring_system	epss
scoring_elements	0.67102
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2019672
reference_id	2019672
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2019672

reference_url

reference_id

AVG-2538

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json

reference_url	https://security.gentoo.org/glsa/202309-06
reference_id	GLSA-202309-06
reference_type
scores
url	https://security.gentoo.org/glsa/202309-06

reference_url	https://access.redhat.com/errata/RHSA-2021:4843
reference_id	RHSA-2021:4843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4843

reference_url	https://access.redhat.com/errata/RHSA-2021:4844
reference_id	RHSA-2021:4844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4844

reference_url	https://access.redhat.com/errata/RHSA-2021:5082
reference_id	RHSA-2021:5082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5082

reference_url	https://access.redhat.com/errata/RHSA-2021:5192
reference_id	RHSA-2021:5192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5192

reference_url	https://access.redhat.com/errata/RHSA-2022:0008
reference_id	RHSA-2022:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0008

reference_url	https://access.redhat.com/errata/RHSA-2022:0074
reference_id	RHSA-2022:0074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0074

reference_url	https://access.redhat.com/errata/RHSA-2022:0133
reference_id	RHSA-2022:0133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0133

reference_url	https://access.redhat.com/errata/RHSA-2022:0443
reference_id	RHSA-2022:0443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0443

reference_url	https://usn.ubuntu.com/5142-1/
reference_id	USN-5142-1
reference_type
scores
url	https://usn.ubuntu.com/5142-1/

reference_url	https://usn.ubuntu.com/5174-1/
reference_id	USN-5174-1
reference_type
scores
url	https://usn.ubuntu.com/5174-1/

fixed_packages

url pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

purl pkg:deb/debian/samba@2:4.9.5%2Bdfsg-5%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzz-fu2r-rqgy

vulnerability	VCID-2f2r-y1tw-pyeq

vulnerability	VCID-5e5h-6dg4-ryd4

vulnerability	VCID-5tub-1spq-b7c7

vulnerability	VCID-76dk-atu1-ebbm

vulnerability	VCID-7q6r-9cgn-5kfp

vulnerability	VCID-8yhb-ghew-b3bw

vulnerability	VCID-8ztz-2n8a-gqbm

vulnerability	VCID-95dq-xd5m-judz

vulnerability	VCID-9bk5-pgap-1khn

vulnerability	VCID-aza7-wkqb-m7h1

vulnerability	VCID-b843-h976-aqhr

vulnerability	VCID-bykg-wucu-duay

vulnerability	VCID-d4jx-h2cx-kbf3

vulnerability	VCID-dzyk-akhc-t7d2

vulnerability	VCID-f93g-v8t6-wyf3

vulnerability	VCID-gg9p-kzw8-23bq

vulnerability	VCID-hkb3-h17f-bbfc

vulnerability	VCID-ksss-h1p9-mbaz

vulnerability	VCID-kwqt-87ga-1bbn

vulnerability	VCID-m1qp-m1d3-nbgw

vulnerability	VCID-m8f3-3jf6-2bdy

vulnerability	VCID-mxk6-6rwy-hfa3

vulnerability	VCID-np9m-wq3n-j7cq

vulnerability	VCID-prhs-c1gk-97hj

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-q5hu-u9th-33e7

vulnerability	VCID-qn5w-t24w-xye5

vulnerability	VCID-qsns-qxxn-1ygq

vulnerability	VCID-qtcs-hz4a-97fy

vulnerability	VCID-r3n1-q8uv-cfbb

vulnerability	VCID-r7zv-4yyc-mqeu

vulnerability	VCID-rmda-jcc9-2bam

vulnerability	VCID-rsz9-y661-qfce

vulnerability	VCID-ss54-ft8h-rufv

vulnerability	VCID-ssh4-ukvg-5fej

vulnerability	VCID-t35b-ur7m-vqeu

vulnerability	VCID-u4fr-s35u-8khu

vulnerability	VCID-uwmy-xe5s-yubn

vulnerability	VCID-uyuw-v56z-93ez

vulnerability	VCID-vrxh-bq3q-xudq

vulnerability	VCID-wc26-trz1-u7fv

vulnerability	VCID-y3rv-fdkr-qyd2

vulnerability	VCID-ytdy-akzb-a7e1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.9.5%252Bdfsg-5%252Bdeb10u3

url pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

purl pkg:deb/debian/samba@2:4.13.13%2Bdfsg-1~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5tc4-e6tj-3qfa

vulnerability	VCID-7n9k-74nf-ayah

vulnerability	VCID-7rsk-suge-a7b4

vulnerability	VCID-8jp7-e281-tqha

vulnerability	VCID-8yq8-wp1b-p7gt

vulnerability	VCID-9cv8-xnmm-cyh8

vulnerability	VCID-9kyr-nxjs-xkaw

vulnerability	VCID-afjh-h9hy-u7dz

vulnerability	VCID-atg1-qx5q-hfdu

vulnerability	VCID-bkse-muh9-t7a8

vulnerability	VCID-e2b4-vjgq-sbdq

vulnerability	VCID-fb3p-pr3k-wbhj

vulnerability	VCID-fj5p-xkmp-vken

vulnerability	VCID-gec9-c1be-dkba

vulnerability	VCID-gx57-3mtp-hqdh

vulnerability	VCID-hxfw-6htj-wkhg

vulnerability	VCID-j1a6-7vhx-sbh7

vulnerability	VCID-j358-djx5-8qdw

vulnerability	VCID-mnnu-hrtz-uyeg

vulnerability	VCID-mtrk-m8jm-gyfg

vulnerability	VCID-pzrp-6xtn-37db

vulnerability	VCID-t156-69p4-s7gu

vulnerability	VCID-usyw-3jt1-xyez

vulnerability	VCID-wc2t-bbf1-mua5

vulnerability	VCID-x9ky-gfg3-hfen

vulnerability	VCID-xmpf-4zxw-dybe

vulnerability	VCID-xt8n-4rnc-b7fs

vulnerability	VCID-zx6s-p6p1-z7ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/samba@2:4.13.13%252Bdfsg-1~deb11u6

aliases CVE-2020-25717

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7zv-4yyc-mqeu

url VCID-sg5x-7v6b-ffgk

vulnerability_id VCID-sg5x-7v6b-ffgk

summary multiple issues

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16852.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16852

reference_id

reference_type

scores

value	0.02897
scoring_system	epss
scoring_elements	0.86592
published_at	2026-06-04T12:55:00Z

value	0.02897
scoring_system	epss
scoring_elements	0.86612
published_at	2026-06-09T12:55:00Z

value	0.02897
scoring_system	epss
scoring_elements	0.8661
published_at	2026-06-07T12:55:00Z

value	0.02897
scoring_system	epss
scoring_elements	0.866
published_at	2026-06-08T12:55:00Z

value	0.02897
scoring_system	epss
scoring_elements	0.86615
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1646386
reference_id	1646386
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1646386

reference_url	https://security.archlinux.org/ASA-201811-22
reference_id	ASA-201811-22
reference_type
scores
url	https://security.archlinux.org/ASA-201811-22

reference_url

reference_id

AVG-823

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url