Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/krb5@1.4.4-7etch1
Typedeb
Namespacedebian
Namekrb5
Version1.4.4-7etch1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.20.1-2+deb12u4
Latest_non_vulnerable_version1.20.1-2+deb12u4
Affected_by_vulnerabilities
0
url VCID-11jm-yxbs-1kfj
vulnerability_id VCID-11jm-yxbs-1kfj
summary The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1527.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1527
reference_id
reference_type
scores
0
value 0.02618
scoring_system epss
scoring_elements 0.85938
published_at 2026-06-04T12:55:00Z
1
value 0.02618
scoring_system epss
scoring_elements 0.8596
published_at 2026-06-05T12:55:00Z
2
value 0.02618
scoring_system epss
scoring_elements 0.85964
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1527
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1527
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
reference_id 646367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=737711
reference_id 737711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=737711
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2011:1379
reference_id RHSA-2011:1379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1379
7
reference_url https://usn.ubuntu.com/1233-1/
reference_id USN-1233-1
reference_type
scores
url https://usn.ubuntu.com/1233-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-1527
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-11jm-yxbs-1kfj
1
url VCID-1nn6-mr7d-wyhk
vulnerability_id VCID-1nn6-mr7d-wyhk
summary The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9422.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9422
reference_id
reference_type
scores
0
value 0.00794
scoring_system epss
scoring_elements 0.74304
published_at 2026-06-04T12:55:00Z
1
value 0.00794
scoring_system epss
scoring_elements 0.74337
published_at 2026-06-05T12:55:00Z
2
value 0.00794
scoring_system epss
scoring_elements 0.74342
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9422
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179861
reference_id 1179861
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179861
8
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
9
reference_url https://access.redhat.com/errata/RHSA-2015:0794
reference_id RHSA-2015:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0794
10
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-9422
risk_score 1.1
exploitability 0.5
weighted_severity 2.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1nn6-mr7d-wyhk
2
url VCID-1sfq-jfju-2uh8
vulnerability_id VCID-1sfq-jfju-2uh8
summary Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5902.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5902.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5902
reference_id
reference_type
scores
0
value 0.04002
scoring_system epss
scoring_elements 0.8864
published_at 2026-06-04T12:55:00Z
1
value 0.04002
scoring_system epss
scoring_elements 0.88657
published_at 2026-06-05T12:55:00Z
2
value 0.04002
scoring_system epss
scoring_elements 0.88658
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5902
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5902
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=415341
reference_id 415341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=415341
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
reference_id 454974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
5
reference_url https://usn.ubuntu.com/924-1/
reference_id USN-924-1
reference_type
scores
url https://usn.ubuntu.com/924-1/
6
reference_url https://usn.ubuntu.com/940-1/
reference_id USN-940-1
reference_type
scores
url https://usn.ubuntu.com/940-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-5902
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1sfq-jfju-2uh8
3
url VCID-1sps-s2a3-wbad
vulnerability_id VCID-1sps-s2a3-wbad
summary The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a ticket request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3295.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3295.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3295
reference_id
reference_type
scores
0
value 0.02737
scoring_system epss
scoring_elements 0.86248
published_at 2026-06-04T12:55:00Z
1
value 0.02737
scoring_system epss
scoring_elements 0.8627
published_at 2026-06-05T12:55:00Z
2
value 0.02737
scoring_system epss
scoring_elements 0.86272
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3295
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3295
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3295
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=545002
reference_id 545002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=545002
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://usn.ubuntu.com/879-1/
reference_id USN-879-1
reference_type
scores
url https://usn.ubuntu.com/879-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-3295
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1sps-s2a3-wbad
4
url VCID-1u82-w13p-cfbk
vulnerability_id VCID-1u82-w13p-cfbk
summary The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0845.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0845.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0845
reference_id
reference_type
scores
0
value 0.19309
scoring_system epss
scoring_elements 0.95488
published_at 2026-06-04T12:55:00Z
1
value 0.19309
scoring_system epss
scoring_elements 0.95496
published_at 2026-06-05T12:55:00Z
2
value 0.19309
scoring_system epss
scoring_elements 0.95499
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0845
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0845
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=490634
reference_id 490634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=490634
4
reference_url https://security.gentoo.org/glsa/200904-09
reference_id GLSA-200904-09
reference_type
scores
url https://security.gentoo.org/glsa/200904-09
5
reference_url https://access.redhat.com/errata/RHSA-2009:0408
reference_id RHSA-2009:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0408
6
reference_url https://usn.ubuntu.com/755-1/
reference_id USN-755-1
reference_type
scores
url https://usn.ubuntu.com/755-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-0845
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1u82-w13p-cfbk
5
url VCID-2674-wgen-1qbk
vulnerability_id VCID-2674-wgen-1qbk
summary Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via network traffic that appears to come from an intended acceptor, but specifies a security mechanism different from the one proposed by the initiator.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4343.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4343
reference_id
reference_type
scores
0
value 0.07384
scoring_system epss
scoring_elements 0.91864
published_at 2026-06-04T12:55:00Z
1
value 0.07384
scoring_system epss
scoring_elements 0.91876
published_at 2026-06-05T12:55:00Z
2
value 0.07384
scoring_system epss
scoring_elements 0.91877
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4343
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1121876
reference_id 1121876
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1121876
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520
reference_id 755520
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755520
9
reference_url https://security.gentoo.org/glsa/201412-53
reference_id GLSA-201412-53
reference_type
scores
url https://security.gentoo.org/glsa/201412-53
10
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
11
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
12
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-4343
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2674-wgen-1qbk
6
url VCID-2ca9-q5cr-guep
vulnerability_id VCID-2ca9-q5cr-guep
summary Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2443.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2443.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2443
reference_id
reference_type
scores
0
value 0.32345
scoring_system epss
scoring_elements 0.96934
published_at 2026-06-04T12:55:00Z
1
value 0.32345
scoring_system epss
scoring_elements 0.96939
published_at 2026-06-05T12:55:00Z
2
value 0.32345
scoring_system epss
scoring_elements 0.96942
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2443
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=245548
reference_id 245548
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=245548
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430787
reference_id 430787
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430787
5
reference_url https://security.gentoo.org/glsa/200707-11
reference_id GLSA-200707-11
reference_type
scores
url https://security.gentoo.org/glsa/200707-11
6
reference_url https://access.redhat.com/errata/RHSA-2007:0384
reference_id RHSA-2007:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0384
7
reference_url https://access.redhat.com/errata/RHSA-2007:0562
reference_id RHSA-2007:0562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0562
8
reference_url https://usn.ubuntu.com/477-1/
reference_id USN-477-1
reference_type
scores
url https://usn.ubuntu.com/477-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-2443
risk_score 0.1
exploitability 0.5
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ca9-q5cr-guep
7
url VCID-2dct-5xex-6bhn
vulnerability_id VCID-2dct-5xex-6bhn
summary Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5971.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5971.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5971
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.2369
published_at 2026-06-04T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23785
published_at 2026-06-05T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.2377
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5971
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5971
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=415351
reference_id 415351
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=415351
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
reference_id 454974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
5
reference_url https://security.gentoo.org/glsa/200803-31
reference_id GLSA-200803-31
reference_type
scores
url https://security.gentoo.org/glsa/200803-31
6
reference_url https://access.redhat.com/errata/RHSA-2008:0164
reference_id RHSA-2008:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0164
7
reference_url https://access.redhat.com/errata/RHSA-2008:0180
reference_id RHSA-2008:0180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0180
8
reference_url https://usn.ubuntu.com/924-1/
reference_id USN-924-1
reference_type
scores
url https://usn.ubuntu.com/924-1/
9
reference_url https://usn.ubuntu.com/940-1/
reference_id USN-940-1
reference_type
scores
url https://usn.ubuntu.com/940-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-5971
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dct-5xex-6bhn
8
url VCID-2pmt-wrh2-kqgp
vulnerability_id VCID-2pmt-wrh2-kqgp
summary Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5972.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5972.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5972
reference_id
reference_type
scores
0
value 0.01923
scoring_system epss
scoring_elements 0.83691
published_at 2026-06-04T12:55:00Z
1
value 0.01923
scoring_system epss
scoring_elements 0.83715
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5972
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5972
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=415361
reference_id 415361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=415361
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
reference_id 454974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
5
reference_url https://usn.ubuntu.com/924-1/
reference_id USN-924-1
reference_type
scores
url https://usn.ubuntu.com/924-1/
6
reference_url https://usn.ubuntu.com/940-1/
reference_id USN-940-1
reference_type
scores
url https://usn.ubuntu.com/940-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-5972
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2pmt-wrh2-kqgp
9
url VCID-2tn3-dfqx-5yc9
vulnerability_id VCID-2tn3-dfqx-5yc9
summary Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8631.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8631
reference_id
reference_type
scores
0
value 0.02635
scoring_system epss
scoring_elements 0.85985
published_at 2026-06-04T12:55:00Z
1
value 0.02635
scoring_system epss
scoring_elements 0.86006
published_at 2026-06-05T12:55:00Z
2
value 0.02635
scoring_system epss
scoring_elements 0.86009
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8631
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302642
reference_id 1302642
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302642
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126
reference_id 813126
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813126
7
reference_url https://access.redhat.com/errata/RHSA-2016:0493
reference_id RHSA-2016:0493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0493
8
reference_url https://access.redhat.com/errata/RHSA-2016:0532
reference_id RHSA-2016:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0532
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4
2
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-8631
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2tn3-dfqx-5yc9
10
url VCID-2ud2-gzrr-8bb9
vulnerability_id VCID-2ud2-gzrr-8bb9
summary Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5901.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5901.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5901
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.2909
published_at 2026-06-04T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29161
published_at 2026-06-05T12:55:00Z
2
value 0.00111
scoring_system epss
scoring_elements 0.29128
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5901
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5901
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=415321
reference_id 415321
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=415321
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
reference_id 454974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
5
reference_url https://security.gentoo.org/glsa/200803-31
reference_id GLSA-200803-31
reference_type
scores
url https://security.gentoo.org/glsa/200803-31
6
reference_url https://access.redhat.com/errata/RHSA-2008:0164
reference_id RHSA-2008:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0164
7
reference_url https://usn.ubuntu.com/924-1/
reference_id USN-924-1
reference_type
scores
url https://usn.ubuntu.com/924-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-5901
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ud2-gzrr-8bb9
11
url VCID-3d22-kr2u-tuck
vulnerability_id VCID-3d22-kr2u-tuck
summary krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40355.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40355.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40355
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28666
published_at 2026-06-06T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28707
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40355
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40355
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135317
reference_id 1135317
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135317
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2463370
reference_id 2463370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2463370
6
reference_url https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
reference_id 2e75f0d9362fb979f5fc92829431a590a130929f
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T12:53:15Z/
url https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
7
reference_url https://web.mit.edu/kerberos/advisories/
reference_id advisories
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T12:53:15Z/
url https://web.mit.edu/kerberos/advisories/
8
reference_url https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html
reference_id krb5-two-unauthenticated-network-vulnerabilities.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T12:53:15Z/
url https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html
9
reference_url https://access.redhat.com/errata/RHSA-2026:12220
reference_id RHSA-2026:12220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12220
10
reference_url https://access.redhat.com/errata/RHSA-2026:16799
reference_id RHSA-2026:16799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16799
11
reference_url https://access.redhat.com/errata/RHSA-2026:19145
reference_id RHSA-2026:19145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19145
12
reference_url https://access.redhat.com/errata/RHSA-2026:19357
reference_id RHSA-2026:19357
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19357
13
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
14
reference_url https://access.redhat.com/errata/RHSA-2026:22634
reference_id RHSA-2026:22634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22634
fixed_packages
0
url pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4
aliases CVE-2026-40355
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3d22-kr2u-tuck
12
url VCID-3df1-58jr-e7gv
vulnerability_id VCID-3df1-58jr-e7gv
summary plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5354.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5354.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5354
reference_id
reference_type
scores
0
value 0.0054
scoring_system epss
scoring_elements 0.67978
published_at 2026-06-04T12:55:00Z
1
value 0.0054
scoring_system epss
scoring_elements 0.68017
published_at 2026-06-05T12:55:00Z
2
value 0.0054
scoring_system epss
scoring_elements 0.68025
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5354
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5354
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174546
reference_id 1174546
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174546
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773228
reference_id 773228
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773228
5
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-5354
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3df1-58jr-e7gv
13
url VCID-3jcm-y59r-47a5
vulnerability_id VCID-3jcm-y59r-47a5
summary The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS request that triggers an error other than the KRB5_KDB_NOENTRY error.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1530.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1530.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1530
reference_id
reference_type
scores
0
value 0.00934
scoring_system epss
scoring_elements 0.76529
published_at 2026-06-04T12:55:00Z
1
value 0.00934
scoring_system epss
scoring_elements 0.76559
published_at 2026-06-05T12:55:00Z
2
value 0.00934
scoring_system epss
scoring_elements 0.76564
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1530
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1530
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=753748
reference_id 753748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=753748
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2011:1790
reference_id RHSA-2011:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1790
6
reference_url https://usn.ubuntu.com/1290-1/
reference_id USN-1290-1
reference_type
scores
url https://usn.ubuntu.com/1290-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-1530
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3jcm-y59r-47a5
14
url VCID-3tas-mucv-aufk
vulnerability_id VCID-3tas-mucv-aufk
summary An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5710
reference_id
reference_type
scores
0
value 0.00385
scoring_system epss
scoring_elements 0.60026
published_at 2026-06-04T12:55:00Z
1
value 0.00385
scoring_system epss
scoring_elements 0.60073
published_at 2026-06-05T12:55:00Z
2
value 0.00385
scoring_system epss
scoring_elements 0.60076
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1535575
reference_id 1535575
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1535575
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685
reference_id 889685
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889685
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2018-5710
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tas-mucv-aufk
15
url VCID-42rr-7ajf-eqg7
vulnerability_id VCID-42rr-7ajf-eqg7
summary The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5353.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5353.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5353
reference_id
reference_type
scores
0
value 0.00548
scoring_system epss
scoring_elements 0.68272
published_at 2026-06-04T12:55:00Z
1
value 0.00548
scoring_system epss
scoring_elements 0.68313
published_at 2026-06-05T12:55:00Z
2
value 0.00548
scoring_system epss
scoring_elements 0.68321
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5353
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174543
reference_id 1174543
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174543
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773226
reference_id 773226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773226
5
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
6
reference_url https://access.redhat.com/errata/RHSA-2015:0794
reference_id RHSA-2015:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0794
7
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-5353
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42rr-7ajf-eqg7
16
url VCID-4mm3-t6eu-4qde
vulnerability_id VCID-4mm3-t6eu-4qde
summary A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20217
reference_id
reference_type
scores
0
value 0.02665
scoring_system epss
scoring_elements 0.86077
published_at 2026-06-04T12:55:00Z
1
value 0.02665
scoring_system epss
scoring_elements 0.86098
published_at 2026-06-05T12:55:00Z
2
value 0.02665
scoring_system epss
scoring_elements 0.86102
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20217
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665296
reference_id 1665296
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665296
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387
reference_id 917387
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387
6
reference_url https://usn.ubuntu.com/5828-1/
reference_id USN-5828-1
reference_type
scores
url https://usn.ubuntu.com/5828-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2018-20217
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mm3-t6eu-4qde
17
url VCID-53pj-pwxv-qqhv
vulnerability_id VCID-53pj-pwxv-qqhv
summary Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4862
reference_id
reference_type
scores
0
value 0.92585
scoring_system epss
scoring_elements 0.99755
published_at 2026-06-05T12:55:00Z
1
value 0.92585
scoring_system epss
scoring_elements 0.99756
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4862
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=770325
reference_id 770325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=770325
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb
reference_id CVE-2011-4862;OSVDB-78020
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c
reference_id CVE-2011-4862;OSVDB-78020
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb
reference_id CVE-2011-4862;OSVDB-78020
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb
7
reference_url https://security.gentoo.org/glsa/201201-14
reference_id GLSA-201201-14
reference_type
scores
url https://security.gentoo.org/glsa/201201-14
8
reference_url https://security.gentoo.org/glsa/201202-05
reference_id GLSA-201202-05
reference_type
scores
url https://security.gentoo.org/glsa/201202-05
9
reference_url https://access.redhat.com/errata/RHSA-2011:1851
reference_id RHSA-2011:1851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1851
10
reference_url https://access.redhat.com/errata/RHSA-2011:1852
reference_id RHSA-2011:1852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1852
11
reference_url https://access.redhat.com/errata/RHSA-2011:1853
reference_id RHSA-2011:1853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1853
12
reference_url https://access.redhat.com/errata/RHSA-2011:1854
reference_id RHSA-2011:1854
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1854
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2011-4862
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53pj-pwxv-qqhv
18
url VCID-56jv-ftkh-e7bg
vulnerability_id VCID-56jv-ftkh-e7bg
summary Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0947.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0947.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0947
reference_id
reference_type
scores
0
value 0.45097
scoring_system epss
scoring_elements 0.97659
published_at 2026-06-04T12:55:00Z
1
value 0.45097
scoring_system epss
scoring_elements 0.97663
published_at 2026-06-05T12:55:00Z
2
value 0.45097
scoring_system epss
scoring_elements 0.97665
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0947
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=433596
reference_id 433596
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=433596
4
reference_url https://security.gentoo.org/glsa/200803-31
reference_id GLSA-200803-31
reference_type
scores
url https://security.gentoo.org/glsa/200803-31
5
reference_url https://access.redhat.com/errata/RHSA-2008:0164
reference_id RHSA-2008:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0164
6
reference_url https://usn.ubuntu.com/587-1/
reference_id USN-587-1
reference_type
scores
url https://usn.ubuntu.com/587-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2008-0947
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56jv-ftkh-e7bg
19
url VCID-596a-s3un-vbbc
vulnerability_id VCID-596a-s3un-vbbc
summary The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9421
reference_id
reference_type
scores
0
value 0.05356
scoring_system epss
scoring_elements 0.90245
published_at 2026-06-04T12:55:00Z
1
value 0.05356
scoring_system epss
scoring_elements 0.90261
published_at 2026-06-05T12:55:00Z
2
value 0.05356
scoring_system epss
scoring_elements 0.90259
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9421
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179857
reference_id 1179857
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179857
8
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
9
reference_url https://access.redhat.com/errata/RHSA-2015:0794
reference_id RHSA-2015:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0794
10
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-9421
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-596a-s3un-vbbc
20
url VCID-5jja-ssqm-skhu
vulnerability_id VCID-5jja-ssqm-skhu
summary MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1323.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1323.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1323
reference_id
reference_type
scores
0
value 0.04735
scoring_system epss
scoring_elements 0.89594
published_at 2026-06-04T12:55:00Z
1
value 0.04735
scoring_system epss
scoring_elements 0.89612
published_at 2026-06-05T12:55:00Z
2
value 0.04735
scoring_system epss
scoring_elements 0.89611
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1323
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
reference_id 605553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=648734
reference_id 648734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=648734
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2010:0925
reference_id RHSA-2010:0925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0925
7
reference_url https://access.redhat.com/errata/RHSA-2010:0926
reference_id RHSA-2010:0926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0926
8
reference_url https://usn.ubuntu.com/1030-1/
reference_id USN-1030-1
reference_type
scores
url https://usn.ubuntu.com/1030-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-1323
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5jja-ssqm-skhu
21
url VCID-5thq-ff3f-h7f6
vulnerability_id VCID-5thq-ff3f-h7f6
summary The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0844.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0844
reference_id
reference_type
scores
0
value 0.03433
scoring_system epss
scoring_elements 0.8769
published_at 2026-06-04T12:55:00Z
1
value 0.03433
scoring_system epss
scoring_elements 0.87711
published_at 2026-06-05T12:55:00Z
2
value 0.03433
scoring_system epss
scoring_elements 0.87713
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0844
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0844
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=491033
reference_id 491033
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=491033
4
reference_url https://security.gentoo.org/glsa/200904-09
reference_id GLSA-200904-09
reference_type
scores
url https://security.gentoo.org/glsa/200904-09
5
reference_url https://access.redhat.com/errata/RHSA-2009:0408
reference_id RHSA-2009:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0408
6
reference_url https://usn.ubuntu.com/755-1/
reference_id USN-755-1
reference_type
scores
url https://usn.ubuntu.com/755-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-0844
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5thq-ff3f-h7f6
22
url VCID-66wn-48ee-8qd8
vulnerability_id VCID-66wn-48ee-8qd8
summary Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1216.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1216.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1216
reference_id
reference_type
scores
0
value 0.25853
scoring_system epss
scoring_elements 0.96364
published_at 2026-06-04T12:55:00Z
1
value 0.25853
scoring_system epss
scoring_elements 0.96369
published_at 2026-06-05T12:55:00Z
2
value 0.25853
scoring_system epss
scoring_elements 0.96372
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1216
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=231537
reference_id 231537
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=231537
4
reference_url https://security.gentoo.org/glsa/200704-02
reference_id GLSA-200704-02
reference_type
scores
url https://security.gentoo.org/glsa/200704-02
5
reference_url https://access.redhat.com/errata/RHSA-2007:0095
reference_id RHSA-2007:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0095
6
reference_url https://usn.ubuntu.com/449-1/
reference_id USN-449-1
reference_type
scores
url https://usn.ubuntu.com/449-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-1216
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66wn-48ee-8qd8
23
url VCID-6jnk-3rfw-nkh8
vulnerability_id VCID-6jnk-3rfw-nkh8
summary MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5355.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5355.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5355
reference_id
reference_type
scores
0
value 0.08201
scoring_system epss
scoring_elements 0.92352
published_at 2026-06-04T12:55:00Z
1
value 0.08201
scoring_system epss
scoring_elements 0.92366
published_at 2026-06-05T12:55:00Z
2
value 0.08201
scoring_system epss
scoring_elements 0.92362
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5355
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1193939
reference_id 1193939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1193939
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778647
reference_id 778647
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778647
6
reference_url https://access.redhat.com/errata/RHSA-2015:0794
reference_id RHSA-2015:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0794
7
reference_url https://access.redhat.com/errata/RHSA-2015:2154
reference_id RHSA-2015:2154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2154
8
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-5355
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jnk-3rfw-nkh8
24
url VCID-7azb-3ws6-mbh8
vulnerability_id VCID-7azb-3ws6-mbh8
summary Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2798.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2798
reference_id
reference_type
scores
0
value 0.34892
scoring_system epss
scoring_elements 0.97112
published_at 2026-06-04T12:55:00Z
1
value 0.34892
scoring_system epss
scoring_elements 0.97116
published_at 2026-06-05T12:55:00Z
2
value 0.34892
scoring_system epss
scoring_elements 0.97117
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=245549
reference_id 245549
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=245549
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430785
reference_id 430785
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430785
5
reference_url https://security.gentoo.org/glsa/200707-11
reference_id GLSA-200707-11
reference_type
scores
url https://security.gentoo.org/glsa/200707-11
6
reference_url https://access.redhat.com/errata/RHSA-2007:0384
reference_id RHSA-2007:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0384
7
reference_url https://access.redhat.com/errata/RHSA-2007:0562
reference_id RHSA-2007:0562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0562
8
reference_url https://usn.ubuntu.com/477-1/
reference_id USN-477-1
reference_type
scores
url https://usn.ubuntu.com/477-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-2798
risk_score 0.1
exploitability 0.5
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7azb-3ws6-mbh8
25
url VCID-7ey4-ge6f-9uct
vulnerability_id VCID-7ey4-ge6f-9uct
summary The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4021.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4021
reference_id
reference_type
scores
0
value 0.0047
scoring_system epss
scoring_elements 0.64922
published_at 2026-06-04T12:55:00Z
1
value 0.0047
scoring_system epss
scoring_elements 0.64965
published_at 2026-06-05T12:55:00Z
2
value 0.0047
scoring_system epss
scoring_elements 0.64975
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4021
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=648736
reference_id 648736
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=648736
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://usn.ubuntu.com/1030-1/
reference_id USN-1030-1
reference_type
scores
url https://usn.ubuntu.com/1030-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-4021
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ey4-ge6f-9uct
26
url VCID-7wnb-bhuv-tycp
vulnerability_id VCID-7wnb-bhuv-tycp
summary schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-2443.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-2443
reference_id
reference_type
scores
0
value 0.15013
scoring_system epss
scoring_elements 0.94695
published_at 2026-06-04T12:55:00Z
1
value 0.15013
scoring_system epss
scoring_elements 0.94704
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-2443
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267
reference_id 708267
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708267
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=962531
reference_id 962531
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=962531
5
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
6
reference_url https://access.redhat.com/errata/RHSA-2013:0942
reference_id RHSA-2013:0942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0942
7
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2002-2443
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wnb-bhuv-tycp
27
url VCID-7wvx-d25a-dkfc
vulnerability_id VCID-7wvx-d25a-dkfc
summary The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4000.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4000.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4000
reference_id
reference_type
scores
0
value 0.24528
scoring_system epss
scoring_elements 0.96222
published_at 2026-06-04T12:55:00Z
1
value 0.24528
scoring_system epss
scoring_elements 0.96227
published_at 2026-06-05T12:55:00Z
2
value 0.24528
scoring_system epss
scoring_elements 0.96229
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4000
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4000
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=250976
reference_id 250976
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=250976
4
reference_url https://security.gentoo.org/glsa/200709-01
reference_id GLSA-200709-01
reference_type
scores
url https://security.gentoo.org/glsa/200709-01
5
reference_url https://access.redhat.com/errata/RHSA-2007:0858
reference_id RHSA-2007:0858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0858
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-4000
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wvx-d25a-dkfc
28
url VCID-7yu5-qag8-23cf
vulnerability_id VCID-7yu5-qag8-23cf
summary Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third-party applications that use krb5, allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long string in an RPC message.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3999.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3999.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3999
reference_id
reference_type
scores
0
value 0.47845
scoring_system epss
scoring_elements 0.97773
published_at 2026-06-05T12:55:00Z
1
value 0.47845
scoring_system epss
scoring_elements 0.97775
published_at 2026-06-06T12:55:00Z
2
value 0.48434
scoring_system epss
scoring_elements 0.97802
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3999
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3999
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=250973
reference_id 250973
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=250973
4
reference_url https://security.gentoo.org/glsa/200709-01
reference_id GLSA-200709-01
reference_type
scores
url https://security.gentoo.org/glsa/200709-01
5
reference_url https://security.gentoo.org/glsa/200710-01
reference_id GLSA-200710-01
reference_type
scores
url https://security.gentoo.org/glsa/200710-01
6
reference_url https://access.redhat.com/errata/RHSA-2007:0858
reference_id RHSA-2007:0858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0858
7
reference_url https://access.redhat.com/errata/RHSA-2007:0913
reference_id RHSA-2007:0913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0913
8
reference_url https://access.redhat.com/errata/RHSA-2007:0951
reference_id RHSA-2007:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0951
9
reference_url https://usn.ubuntu.com/511-1/
reference_id USN-511-1
reference_type
scores
url https://usn.ubuntu.com/511-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-3999
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7yu5-qag8-23cf
29
url VCID-8fxt-3wg4-dkbb
vulnerability_id VCID-8fxt-3wg4-dkbb
summary The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1529.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1529.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1529
reference_id
reference_type
scores
0
value 0.02376
scoring_system epss
scoring_elements 0.85263
published_at 2026-06-04T12:55:00Z
1
value 0.02376
scoring_system epss
scoring_elements 0.85287
published_at 2026-06-05T12:55:00Z
2
value 0.02376
scoring_system epss
scoring_elements 0.85292
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1529
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
reference_id 646367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=737711
reference_id 737711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=737711
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2011:1379
reference_id RHSA-2011:1379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1379
7
reference_url https://usn.ubuntu.com/1233-1/
reference_id USN-1233-1
reference_type
scores
url https://usn.ubuntu.com/1233-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-1529
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fxt-3wg4-dkbb
30
url VCID-9axv-m7xk-quax
vulnerability_id VCID-9axv-m7xk-quax
summary Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4212.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4212.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-4212
reference_id
reference_type
scores
0
value 0.16485
scoring_system epss
scoring_elements 0.95019
published_at 2026-06-04T12:55:00Z
1
value 0.16485
scoring_system epss
scoring_elements 0.95028
published_at 2026-06-05T12:55:00Z
2
value 0.16485
scoring_system epss
scoring_elements 0.95029
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-4212
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=545015
reference_id 545015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=545015
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2010:0029
reference_id RHSA-2010:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0029
6
reference_url https://usn.ubuntu.com/881-1/
reference_id USN-881-1
reference_type
scores
url https://usn.ubuntu.com/881-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-4212
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9axv-m7xk-quax
31
url VCID-a4cc-w95t-8fh6
vulnerability_id VCID-a4cc-w95t-8fh6
summary Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0629.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0629.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0629
reference_id
reference_type
scores
0
value 0.02284
scoring_system epss
scoring_elements 0.84991
published_at 2026-06-04T12:55:00Z
1
value 0.02284
scoring_system epss
scoring_elements 0.85015
published_at 2026-06-05T12:55:00Z
2
value 0.02284
scoring_system epss
scoring_elements 0.85019
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0629
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0629
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=576011
reference_id 576011
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=576011
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2010:0343
reference_id RHSA-2010:0343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0343
6
reference_url https://usn.ubuntu.com/924-1/
reference_id USN-924-1
reference_type
scores
url https://usn.ubuntu.com/924-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-0629
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4cc-w95t-8fh6
32
url VCID-at3s-18x4-n7e2
vulnerability_id VCID-at3s-18x4-n7e2
summary server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which might allow remote authenticated administrators to modify or read string attributes by leveraging the global list privilege.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1012.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1012.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1012
reference_id
reference_type
scores
0
value 0.00238
scoring_system epss
scoring_elements 0.47041
published_at 2026-06-04T12:55:00Z
1
value 0.00238
scoring_system epss
scoring_elements 0.47106
published_at 2026-06-05T12:55:00Z
2
value 0.00238
scoring_system epss
scoring_elements 0.47109
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1012
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1012
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670918
reference_id 670918
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670918
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=796438
reference_id 796438
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=796438
5
reference_url https://usn.ubuntu.com/1520-1/
reference_id USN-1520-1
reference_type
scores
url https://usn.ubuntu.com/1520-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2012-1012
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at3s-18x4-n7e2
33
url VCID-b6a9-hnjx-c3gk
vulnerability_id VCID-b6a9-hnjx-c3gk
summary The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2694.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2694
reference_id
reference_type
scores
0
value 0.0089
scoring_system epss
scoring_elements 0.75903
published_at 2026-06-04T12:55:00Z
1
value 0.0089
scoring_system epss
scoring_elements 0.75929
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2694
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1216133
reference_id 1216133
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1216133
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557
reference_id 783557
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783557
5
reference_url https://access.redhat.com/errata/RHSA-2015:2154
reference_id RHSA-2015:2154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2154
6
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-2694
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6a9-hnjx-c3gk
34
url VCID-bdmc-p544-bfg9
vulnerability_id VCID-bdmc-p544-bfg9
summary do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1417.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1417.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1417
reference_id
reference_type
scores
0
value 0.00543
scoring_system epss
scoring_elements 0.68062
published_at 2026-06-04T12:55:00Z
1
value 0.00543
scoring_system epss
scoring_elements 0.68101
published_at 2026-06-05T12:55:00Z
2
value 0.00543
scoring_system epss
scoring_elements 0.68109
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1417
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1417
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1030743
reference_id 1030743
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1030743
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730085
reference_id 730085
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730085
5
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2013-1417
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdmc-p544-bfg9
35
url VCID-bg27-2hv6-m7cx
vulnerability_id VCID-bg27-2hv6-m7cx
summary The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different vulnerability than CVE-2011-1528.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4151.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4151.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4151
reference_id
reference_type
scores
0
value 0.01205
scoring_system epss
scoring_elements 0.79281
published_at 2026-06-04T12:55:00Z
1
value 0.01205
scoring_system epss
scoring_elements 0.79308
published_at 2026-06-05T12:55:00Z
2
value 0.01205
scoring_system epss
scoring_elements 0.79313
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4151
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4151
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4151
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
reference_id 646367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=737711
reference_id 737711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=737711
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-4151
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bg27-2hv6-m7cx
36
url VCID-bkdg-dybz-t3fy
vulnerability_id VCID-bkdg-dybz-t3fy
summary The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service (listening process termination, no new connections, and lack of updates in slave KVC) via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4022.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4022.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4022
reference_id
reference_type
scores
0
value 0.08988
scoring_system epss
scoring_elements 0.92761
published_at 2026-06-04T12:55:00Z
1
value 0.08988
scoring_system epss
scoring_elements 0.92774
published_at 2026-06-05T12:55:00Z
2
value 0.08988
scoring_system epss
scoring_elements 0.92769
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4022
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4022
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=664009
reference_id 664009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=664009
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2011:0200
reference_id RHSA-2011:0200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0200
6
reference_url https://usn.ubuntu.com/1062-1/
reference_id USN-1062-1
reference_type
scores
url https://usn.ubuntu.com/1062-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2010-4022
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkdg-dybz-t3fy
37
url VCID-bkqm-d2bp-f7fe
vulnerability_id VCID-bkqm-d2bp-f7fe
summary The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1416.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1416.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1416
reference_id
reference_type
scores
0
value 0.02274
scoring_system epss
scoring_elements 0.84961
published_at 2026-06-04T12:55:00Z
1
value 0.02274
scoring_system epss
scoring_elements 0.84985
published_at 2026-06-05T12:55:00Z
2
value 0.02274
scoring_system epss
scoring_elements 0.84989
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1416
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704775
reference_id 704775
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704775
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=949984
reference_id 949984
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=949984
6
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
7
reference_url https://access.redhat.com/errata/RHSA-2013:0748
reference_id RHSA-2013:0748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0748
8
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2013-1416
risk_score 1.0
exploitability 0.5
weighted_severity 2.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkqm-d2bp-f7fe
38
url VCID-c2t4-3vdu-wqf1
vulnerability_id VCID-c2t4-3vdu-wqf1
summary Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0488.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0488.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0488
reference_id
reference_type
scores
0
value 0.11677
scoring_system epss
scoring_elements 0.93808
published_at 2026-06-04T12:55:00Z
1
value 0.11677
scoring_system epss
scoring_elements 0.93817
published_at 2026-06-05T12:55:00Z
2
value 0.11677
scoring_system epss
scoring_elements 0.93816
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0488
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0488
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0488
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617531
reference_id 1617531
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617531
4
reference_url https://access.redhat.com/errata/RHSA-2005:504
reference_id RHSA-2005:504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:504
5
reference_url https://access.redhat.com/errata/RHSA-2005:562
reference_id RHSA-2005:562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:562
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2005-0488
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2t4-3vdu-wqf1
39
url VCID-c3qw-eazy-nyer
vulnerability_id VCID-c3qw-eazy-nyer
summary Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1320.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1320.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1320
reference_id
reference_type
scores
0
value 0.22068
scoring_system epss
scoring_elements 0.95892
published_at 2026-06-04T12:55:00Z
1
value 0.22068
scoring_system epss
scoring_elements 0.95896
published_at 2026-06-05T12:55:00Z
2
value 0.22068
scoring_system epss
scoring_elements 0.95899
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1320
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1320
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490
reference_id 577490
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=581922
reference_id 581922
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=581922
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33855.txt
reference_id CVE-2010-1320;OSVDB-63975
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33855.txt
6
reference_url https://www.securityfocus.com/bid/39599/info
reference_id CVE-2010-1320;OSVDB-63975
reference_type exploit
scores
url https://www.securityfocus.com/bid/39599/info
7
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
8
reference_url https://usn.ubuntu.com/940-1/
reference_id USN-940-1
reference_type
scores
url https://usn.ubuntu.com/940-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-1320
risk_score 0.4
exploitability 2.0
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3qw-eazy-nyer
40
url VCID-c5ev-cgh8-3kda
vulnerability_id VCID-c5ev-cgh8-3kda
summary MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4020.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4020.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4020
reference_id
reference_type
scores
0
value 0.00535
scoring_system epss
scoring_elements 0.67786
published_at 2026-06-04T12:55:00Z
1
value 0.00535
scoring_system epss
scoring_elements 0.67826
published_at 2026-06-05T12:55:00Z
2
value 0.00535
scoring_system epss
scoring_elements 0.67833
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4020
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
reference_id 605553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=648735
reference_id 648735
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=648735
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2010:0925
reference_id RHSA-2010:0925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0925
7
reference_url https://usn.ubuntu.com/1030-1/
reference_id USN-1030-1
reference_type
scores
url https://usn.ubuntu.com/1030-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-4020
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5ev-cgh8-3kda
41
url VCID-c5he-57zg-fybc
vulnerability_id VCID-c5he-57zg-fybc
summary MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5729.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5729
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22938
published_at 2026-06-04T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.2302
published_at 2026-06-05T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.23006
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5729
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1551083
reference_id 1551083
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1551083
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
reference_id 891869
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
6
reference_url https://security.archlinux.org/ASA-201806-3
reference_id ASA-201806-3
reference_type
scores
url https://security.archlinux.org/ASA-201806-3
7
reference_url https://security.archlinux.org/AVG-586
reference_id AVG-586
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-586
8
reference_url https://access.redhat.com/errata/RHSA-2018:3071
reference_id RHSA-2018:3071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3071
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2018-5729
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5he-57zg-fybc
42
url VCID-ce17-bbd4-tyc1
vulnerability_id VCID-ce17-bbd4-tyc1
summary The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2442.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2442.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-2442
reference_id
reference_type
scores
0
value 0.42571
scoring_system epss
scoring_elements 0.97537
published_at 2026-06-04T12:55:00Z
1
value 0.42571
scoring_system epss
scoring_elements 0.97542
published_at 2026-06-05T12:55:00Z
2
value 0.42571
scoring_system epss
scoring_elements 0.97544
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-2442
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=245547
reference_id 245547
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=245547
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430787
reference_id 430787
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430787
5
reference_url https://security.gentoo.org/glsa/200707-11
reference_id GLSA-200707-11
reference_type
scores
url https://security.gentoo.org/glsa/200707-11
6
reference_url https://access.redhat.com/errata/RHSA-2007:0384
reference_id RHSA-2007:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0384
7
reference_url https://access.redhat.com/errata/RHSA-2007:0562
reference_id RHSA-2007:0562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0562
8
reference_url https://usn.ubuntu.com/477-1/
reference_id USN-477-1
reference_type
scores
url https://usn.ubuntu.com/477-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-2442
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ce17-bbd4-tyc1
43
url VCID-d2qf-r6jd-r3c7
vulnerability_id VCID-d2qf-r6jd-r3c7
summary The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0847.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0847.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0847
reference_id
reference_type
scores
0
value 0.20287
scoring_system epss
scoring_elements 0.95633
published_at 2026-06-04T12:55:00Z
1
value 0.20287
scoring_system epss
scoring_elements 0.95639
published_at 2026-06-05T12:55:00Z
2
value 0.20287
scoring_system epss
scoring_elements 0.95643
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0847
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=491034
reference_id 491034
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=491034
4
reference_url https://security.gentoo.org/glsa/200904-09
reference_id GLSA-200904-09
reference_type
scores
url https://security.gentoo.org/glsa/200904-09
5
reference_url https://usn.ubuntu.com/755-1/
reference_id USN-755-1
reference_type
scores
url https://usn.ubuntu.com/755-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-0847
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d2qf-r6jd-r3c7
44
url VCID-d42v-zwu4-a3ge
vulnerability_id VCID-d42v-zwu4-a3ge
summary Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an e_data field containing typed data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0284.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0284
reference_id
reference_type
scores
0
value 0.2264
scoring_system epss
scoring_elements 0.9596
published_at 2026-06-04T12:55:00Z
1
value 0.2264
scoring_system epss
scoring_elements 0.95964
published_at 2026-06-05T12:55:00Z
2
value 0.2264
scoring_system epss
scoring_elements 0.95968
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0284
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0284
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618517
reference_id 618517
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618517
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=674325
reference_id 674325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=674325
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2011:0356
reference_id RHSA-2011:0356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0356
7
reference_url https://usn.ubuntu.com/1088-1/
reference_id USN-1088-1
reference_type
scores
url https://usn.ubuntu.com/1088-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-0284
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d42v-zwu4-a3ge
45
url VCID-d53g-faqf-gfdp
vulnerability_id VCID-d53g-faqf-gfdp
summary The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1015.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1015.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1015
reference_id
reference_type
scores
0
value 0.01234
scoring_system epss
scoring_elements 0.79537
published_at 2026-06-04T12:55:00Z
1
value 0.01234
scoring_system epss
scoring_elements 0.79563
published_at 2026-06-05T12:55:00Z
2
value 0.01234
scoring_system epss
scoring_elements 0.79569
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1015
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429
reference_id 683429
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=838012
reference_id 838012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=838012
6
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
7
reference_url https://access.redhat.com/errata/RHSA-2012:1131
reference_id RHSA-2012:1131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1131
8
reference_url https://usn.ubuntu.com/1520-1/
reference_id USN-1520-1
reference_type
scores
url https://usn.ubuntu.com/1520-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2012-1015
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d53g-faqf-gfdp
46
url VCID-dbaq-qjd2-d7c9
vulnerability_id VCID-dbaq-qjd2-d7c9
summary The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9423.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9423
reference_id
reference_type
scores
0
value 0.01537
scoring_system epss
scoring_elements 0.81674
published_at 2026-06-04T12:55:00Z
1
value 0.01537
scoring_system epss
scoring_elements 0.81705
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9423
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179863
reference_id 1179863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179863
8
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
9
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-9423
risk_score 1.2
exploitability 0.5
weighted_severity 2.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dbaq-qjd2-d7c9
47
url VCID-e1xu-a882-s3ga
vulnerability_id VCID-e1xu-a882-s3ga
summary The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an S4U2Self request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3120.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3120
reference_id
reference_type
scores
0
value 0.0432
scoring_system epss
scoring_elements 0.89087
published_at 2026-06-04T12:55:00Z
1
value 0.0432
scoring_system epss
scoring_elements 0.89104
published_at 2026-06-05T12:55:00Z
2
value 0.0432
scoring_system epss
scoring_elements 0.89105
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3120
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1361050
reference_id 1361050
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1361050
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572
reference_id 832572
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832572
6
reference_url https://access.redhat.com/errata/RHSA-2016:2591
reference_id RHSA-2016:2591
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2591
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2016-3120
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e1xu-a882-s3ga
48
url VCID-ekzs-tuvp-ybfq
vulnerability_id VCID-ekzs-tuvp-ybfq
summary ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36222.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36222
reference_id
reference_type
scores
0
value 0.06615
scoring_system epss
scoring_elements 0.91351
published_at 2026-06-04T12:55:00Z
1
value 0.06615
scoring_system epss
scoring_elements 0.91364
published_at 2026-06-05T12:55:00Z
2
value 0.06615
scoring_system epss
scoring_elements 0.91366
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36222
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1983720
reference_id 1983720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1983720
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365
reference_id 991365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991365
6
reference_url https://security.archlinux.org/AVG-2173
reference_id AVG-2173
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2173
7
reference_url https://security.gentoo.org/glsa/202405-11
reference_id GLSA-202405-11
reference_type
scores
url https://security.gentoo.org/glsa/202405-11
8
reference_url https://access.redhat.com/errata/RHSA-2021:3576
reference_id RHSA-2021:3576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3576
9
reference_url https://usn.ubuntu.com/5959-1/
reference_id USN-5959-1
reference_type
scores
url https://usn.ubuntu.com/5959-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
1
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2021-36222
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ekzs-tuvp-ybfq
49
url VCID-esm3-3qwz-cud2
vulnerability_id VCID-esm3-3qwz-cud2
summary The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1418.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1418
reference_id
reference_type
scores
0
value 0.07674
scoring_system epss
scoring_elements 0.92046
published_at 2026-06-04T12:55:00Z
1
value 0.07674
scoring_system epss
scoring_elements 0.92058
published_at 2026-06-05T12:55:00Z
2
value 0.07674
scoring_system epss
scoring_elements 0.92056
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1026942
reference_id 1026942
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1026942
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728845
reference_id 728845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728845
5
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
6
reference_url https://access.redhat.com/errata/RHSA-2014:1245
reference_id RHSA-2014:1245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1245
7
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
8
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2013-1418
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esm3-3qwz-cud2
50
url VCID-ezm2-e8zw-g7dg
vulnerability_id VCID-ezm2-e8zw-g7dg
summary The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1016.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1016.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1016
reference_id
reference_type
scores
0
value 0.00643
scoring_system epss
scoring_elements 0.71018
published_at 2026-06-04T12:55:00Z
1
value 0.00643
scoring_system epss
scoring_elements 0.7106
published_at 2026-06-05T12:55:00Z
2
value 0.00643
scoring_system epss
scoring_elements 0.71067
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1016
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702633
reference_id 702633
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702633
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=917840
reference_id 917840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=917840
5
reference_url https://access.redhat.com/errata/RHSA-2013:0656
reference_id RHSA-2013:0656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0656
6
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2012-1016
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezm2-e8zw-g7dg
51
url VCID-f343-u3jt-pkfy
vulnerability_id VCID-f343-u3jt-pkfy
summary MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4341.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4341
reference_id
reference_type
scores
0
value 0.14451
scoring_system epss
scoring_elements 0.94559
published_at 2026-06-04T12:55:00Z
1
value 0.14451
scoring_system epss
scoring_elements 0.94567
published_at 2026-06-05T12:55:00Z
2
value 0.14451
scoring_system epss
scoring_elements 0.94569
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4341
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1116180
reference_id 1116180
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1116180
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624
reference_id 753624
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753624
10
reference_url https://security.gentoo.org/glsa/201412-53
reference_id GLSA-201412-53
reference_type
scores
url https://security.gentoo.org/glsa/201412-53
11
reference_url https://access.redhat.com/errata/RHSA-2014:1245
reference_id RHSA-2014:1245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1245
12
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
13
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
14
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-4341
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f343-u3jt-pkfy
52
url VCID-f72c-txrr-ukga
vulnerability_id VCID-f72c-txrr-ukga
summary The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0628.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0628.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0628
reference_id
reference_type
scores
0
value 0.00925
scoring_system epss
scoring_elements 0.76405
published_at 2026-06-04T12:55:00Z
1
value 0.00925
scoring_system epss
scoring_elements 0.76433
published_at 2026-06-05T12:55:00Z
2
value 0.00925
scoring_system epss
scoring_elements 0.76434
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0628
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0628
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=566258
reference_id 566258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=566258
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575740
reference_id 575740
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575740
5
reference_url https://usn.ubuntu.com/916-1/
reference_id USN-916-1
reference_type
scores
url https://usn.ubuntu.com/916-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-0628
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f72c-txrr-ukga
53
url VCID-fcy5-mv1a-n7dh
vulnerability_id VCID-fcy5-mv1a-n7dh
summary The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2697.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2697
reference_id
reference_type
scores
0
value 0.05447
scoring_system epss
scoring_elements 0.90342
published_at 2026-06-04T12:55:00Z
1
value 0.05447
scoring_system epss
scoring_elements 0.90357
published_at 2026-06-05T12:55:00Z
2
value 0.05447
scoring_system epss
scoring_elements 0.90356
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2697
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1275863
reference_id 1275863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1275863
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088
reference_id 803088
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803088
8
reference_url https://security.gentoo.org/glsa/201611-14
reference_id GLSA-201611-14
reference_type
scores
url https://security.gentoo.org/glsa/201611-14
9
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4
2
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-2697
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcy5-mv1a-n7dh
54
url VCID-fvfb-k9ar-93eu
vulnerability_id VCID-fvfb-k9ar-93eu
summary The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8630.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8630
reference_id
reference_type
scores
0
value 0.03623
scoring_system epss
scoring_elements 0.88014
published_at 2026-06-04T12:55:00Z
1
value 0.03623
scoring_system epss
scoring_elements 0.88034
published_at 2026-06-05T12:55:00Z
2
value 0.03623
scoring_system epss
scoring_elements 0.88038
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8630
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302632
reference_id 1302632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302632
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127
reference_id 813127
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813127
6
reference_url https://access.redhat.com/errata/RHSA-2016:0532
reference_id RHSA-2016:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0532
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-8630
risk_score 0.6
exploitability 0.5
weighted_severity 1.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvfb-k9ar-93eu
55
url VCID-g9nw-c9d1-a3er
vulnerability_id VCID-g9nw-c9d1-a3er
summary The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0283.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0283.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0283
reference_id
reference_type
scores
0
value 0.03728
scoring_system epss
scoring_elements 0.88194
published_at 2026-06-04T12:55:00Z
1
value 0.03728
scoring_system epss
scoring_elements 0.88214
published_at 2026-06-05T12:55:00Z
2
value 0.03728
scoring_system epss
scoring_elements 0.88217
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0283
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0283
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=556680
reference_id 556680
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=556680
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://usn.ubuntu.com/916-1/
reference_id USN-916-1
reference_type
scores
url https://usn.ubuntu.com/916-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-0283
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g9nw-c9d1-a3er
56
url VCID-h23e-nhyz-8uda
vulnerability_id VCID-h23e-nhyz-8uda
summary The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3119.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3119
reference_id
reference_type
scores
0
value 0.10203
scoring_system epss
scoring_elements 0.93271
published_at 2026-06-04T12:55:00Z
1
value 0.10203
scoring_system epss
scoring_elements 0.93283
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3119
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1319616
reference_id 1319616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1319616
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468
reference_id 819468
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819468
5
reference_url https://access.redhat.com/errata/RHSA-2016:2591
reference_id RHSA-2016:2591
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2591
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2016-3119
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h23e-nhyz-8uda
57
url VCID-hre7-pp7p-13fs
vulnerability_id VCID-hre7-pp7p-13fs
summary The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1415.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1415.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1415
reference_id
reference_type
scores
0
value 0.01588
scoring_system epss
scoring_elements 0.81961
published_at 2026-06-04T12:55:00Z
1
value 0.01588
scoring_system epss
scoring_elements 0.81994
published_at 2026-06-05T12:55:00Z
2
value 0.01588
scoring_system epss
scoring_elements 0.81995
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1415
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914749
reference_id 914749
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=914749
4
reference_url https://access.redhat.com/errata/RHSA-2013:0656
reference_id RHSA-2013:0656
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0656
5
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2013-1415
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hre7-pp7p-13fs
58
url VCID-husp-fm64-nfa9
vulnerability_id VCID-husp-fm64-nfa9
summary denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37750.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37750
reference_id
reference_type
scores
0
value 0.00716
scoring_system epss
scoring_elements 0.72752
published_at 2026-06-04T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.72791
published_at 2026-06-05T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72799
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37750
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1996834
reference_id 1996834
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1996834
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607
reference_id 992607
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992607
6
reference_url https://security.archlinux.org/AVG-2312
reference_id AVG-2312
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2312
7
reference_url https://security.gentoo.org/glsa/202405-11
reference_id GLSA-202405-11
reference_type
scores
url https://security.gentoo.org/glsa/202405-11
8
reference_url https://access.redhat.com/errata/RHSA-2021:3576
reference_id RHSA-2021:3576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3576
9
reference_url https://access.redhat.com/errata/RHSA-2021:4788
reference_id RHSA-2021:4788
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4788
10
reference_url https://usn.ubuntu.com/5959-1/
reference_id USN-5959-1
reference_type
scores
url https://usn.ubuntu.com/5959-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2021-37750
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-husp-fm64-nfa9
59
url VCID-j145-f5mp-xkeq
vulnerability_id VCID-j145-f5mp-xkeq
summary The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty continuation token at a certain point during a SPNEGO negotiation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4344.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4344
reference_id
reference_type
scores
0
value 0.0527
scoring_system epss
scoring_elements 0.90169
published_at 2026-06-04T12:55:00Z
1
value 0.0527
scoring_system epss
scoring_elements 0.90185
published_at 2026-06-05T12:55:00Z
2
value 0.0527
scoring_system epss
scoring_elements 0.90183
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4344
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1121877
reference_id 1121877
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1121877
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521
reference_id 755521
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755521
9
reference_url https://access.redhat.com/errata/RHSA-2014:1245
reference_id RHSA-2014:1245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1245
10
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
11
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
12
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-4344
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j145-f5mp-xkeq
60
url VCID-j6qa-q1h1-3uaq
vulnerability_id VCID-j6qa-q1h1-3uaq
summary MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json
reference_id
reference_type
scores
0
value 3.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5730.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5730
reference_id
reference_type
scores
0
value 0.00576
scoring_system epss
scoring_elements 0.69169
published_at 2026-06-04T12:55:00Z
1
value 0.00576
scoring_system epss
scoring_elements 0.69208
published_at 2026-06-05T12:55:00Z
2
value 0.00576
scoring_system epss
scoring_elements 0.69217
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5730
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1551082
reference_id 1551082
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1551082
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
reference_id 891869
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
6
reference_url https://security.archlinux.org/ASA-201806-3
reference_id ASA-201806-3
reference_type
scores
url https://security.archlinux.org/ASA-201806-3
7
reference_url https://security.archlinux.org/AVG-586
reference_id AVG-586
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-586
8
reference_url https://access.redhat.com/errata/RHSA-2018:3071
reference_id RHSA-2018:3071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3071
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2018-5730
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6qa-q1h1-3uaq
61
url VCID-jbf6-vrjc-syg1
vulnerability_id VCID-jbf6-vrjc-syg1
summary The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a malformed AS-REQ request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1014.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1014.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1014
reference_id
reference_type
scores
0
value 0.04152
scoring_system epss
scoring_elements 0.88861
published_at 2026-06-04T12:55:00Z
1
value 0.04152
scoring_system epss
scoring_elements 0.88878
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1014
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429
reference_id 683429
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683429
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=838014
reference_id 838014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=838014
6
reference_url https://security.gentoo.org/glsa/201312-12
reference_id GLSA-201312-12
reference_type
scores
url https://security.gentoo.org/glsa/201312-12
7
reference_url https://usn.ubuntu.com/1520-1/
reference_id USN-1520-1
reference_type
scores
url https://usn.ubuntu.com/1520-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2012-1014
risk_score 1.0
exploitability 0.5
weighted_severity 2.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbf6-vrjc-syg1
62
url VCID-jbkg-zyb4-ybdc
vulnerability_id VCID-jbkg-zyb4-ybdc
summary The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0956
reference_id
reference_type
scores
0
value 0.25754
scoring_system epss
scoring_elements 0.96353
published_at 2026-06-04T12:55:00Z
1
value 0.25754
scoring_system epss
scoring_elements 0.96358
published_at 2026-06-05T12:55:00Z
2
value 0.25754
scoring_system epss
scoring_elements 0.96362
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=229782
reference_id 229782
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=229782
4
reference_url https://security.gentoo.org/glsa/200704-02
reference_id GLSA-200704-02
reference_type
scores
url https://security.gentoo.org/glsa/200704-02
5
reference_url https://access.redhat.com/errata/RHSA-2007:0095
reference_id RHSA-2007:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0095
6
reference_url https://usn.ubuntu.com/449-1/
reference_id USN-449-1
reference_type
scores
url https://usn.ubuntu.com/449-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-0956
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbkg-zyb4-ybdc
63
url VCID-jfhc-x8j6-yuab
vulnerability_id VCID-jfhc-x8j6-yuab
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37370.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-37370
reference_id
reference_type
scores
0
value 0.00545
scoring_system epss
scoring_elements 0.68171
published_at 2026-06-06T12:55:00Z
1
value 0.00545
scoring_system epss
scoring_elements 0.68162
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-37370
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294677
reference_id 2294677
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2294677
6
reference_url https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
reference_id 55fbf435edbe2e92dd8101669b1ce7144bc96fef
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/
url https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
7
reference_url https://web.mit.edu/kerberos/www/advisories/
reference_id advisories
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-01T15:25:49Z/
url https://web.mit.edu/kerberos/www/advisories/
8
reference_url https://security.archlinux.org/AVG-2856
reference_id AVG-2856
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2856
9
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
10
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
11
reference_url https://access.redhat.com/errata/RHSA-2024:4734
reference_id RHSA-2024:4734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4734
12
reference_url https://access.redhat.com/errata/RHSA-2024:4743
reference_id RHSA-2024:4743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4743
13
reference_url https://access.redhat.com/errata/RHSA-2024:5076
reference_id RHSA-2024:5076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5076
14
reference_url https://access.redhat.com/errata/RHSA-2024:5312
reference_id RHSA-2024:5312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5312
15
reference_url https://access.redhat.com/errata/RHSA-2024:5316
reference_id RHSA-2024:5316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5316
16
reference_url https://access.redhat.com/errata/RHSA-2024:5625
reference_id RHSA-2024:5625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5625
17
reference_url https://access.redhat.com/errata/RHSA-2024:5630
reference_id RHSA-2024:5630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5630
18
reference_url https://access.redhat.com/errata/RHSA-2024:5643
reference_id RHSA-2024:5643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5643
19
reference_url https://access.redhat.com/errata/RHSA-2024:5884
reference_id RHSA-2024:5884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5884
20
reference_url https://access.redhat.com/errata/RHSA-2024:6166
reference_id RHSA-2024:6166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6166
21
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
22
reference_url https://access.redhat.com/errata/RHSA-2024:7374
reference_id RHSA-2024:7374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7374
23
reference_url https://usn.ubuntu.com/6947-1/
reference_id USN-6947-1
reference_type
scores
url https://usn.ubuntu.com/6947-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2024-37370
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfhc-x8j6-yuab
64
url VCID-ksar-xuza-8kg7
vulnerability_id VCID-ksar-xuza-8kg7
summary The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0281.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0281.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0281
reference_id
reference_type
scores
0
value 0.10754
scoring_system epss
scoring_elements 0.93472
published_at 2026-06-04T12:55:00Z
1
value 0.10754
scoring_system epss
scoring_elements 0.93483
published_at 2026-06-05T12:55:00Z
2
value 0.10754
scoring_system epss
scoring_elements 0.93484
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0281
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=668719
reference_id 668719
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=668719
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2011:0199
reference_id RHSA-2011:0199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0199
6
reference_url https://access.redhat.com/errata/RHSA-2011:0200
reference_id RHSA-2011:0200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0200
7
reference_url https://usn.ubuntu.com/1062-1/
reference_id USN-1062-1
reference_type
scores
url https://usn.ubuntu.com/1062-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-0281
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ksar-xuza-8kg7
65
url VCID-kszc-uv1w-syb1
vulnerability_id VCID-kszc-uv1w-syb1
summary The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1322.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1322.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1322
reference_id
reference_type
scores
0
value 0.01463
scoring_system epss
scoring_elements 0.8121
published_at 2026-06-04T12:55:00Z
1
value 0.01463
scoring_system epss
scoring_elements 0.81238
published_at 2026-06-05T12:55:00Z
2
value 0.01463
scoring_system epss
scoring_elements 0.81241
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1322
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1322
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1322
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599237
reference_id 599237
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599237
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=636335
reference_id 636335
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=636335
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2010:0863
reference_id RHSA-2010:0863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0863
7
reference_url https://usn.ubuntu.com/999-1/
reference_id USN-999-1
reference_type
scores
url https://usn.ubuntu.com/999-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-1322
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kszc-uv1w-syb1
66
url VCID-ktuq-s8bz-1qam
vulnerability_id VCID-ktuq-s8bz-1qam
summary The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0285.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0285
reference_id
reference_type
scores
0
value 0.54024
scoring_system epss
scoring_elements 0.98055
published_at 2026-06-04T12:55:00Z
1
value 0.54024
scoring_system epss
scoring_elements 0.98057
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0285
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0285
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622681
reference_id 622681
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622681
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=696334
reference_id 696334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=696334
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35606.txt
reference_id CVE-2011-0285;OSVDB-71789
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35606.txt
6
reference_url https://www.securityfocus.com/bid/47310/info
reference_id CVE-2011-0285;OSVDB-71789
reference_type exploit
scores
url https://www.securityfocus.com/bid/47310/info
7
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
8
reference_url https://access.redhat.com/errata/RHSA-2011:0447
reference_id RHSA-2011:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0447
9
reference_url https://usn.ubuntu.com/1116-1/
reference_id USN-1116-1
reference_type
scores
url https://usn.ubuntu.com/1116-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-0285
risk_score 1.0
exploitability 2.0
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ktuq-s8bz-1qam
67
url VCID-kwy5-x7m9-4qgt
vulnerability_id VCID-kwy5-x7m9-4qgt
summary MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28196.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28196
reference_id
reference_type
scores
0
value 0.00955
scoring_system epss
scoring_elements 0.76818
published_at 2026-06-06T12:55:00Z
1
value 0.00955
scoring_system epss
scoring_elements 0.76779
published_at 2026-06-04T12:55:00Z
2
value 0.00955
scoring_system epss
scoring_elements 0.76812
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28196
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1901041
reference_id 1901041
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1901041
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/
reference_id 45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45KKOZQWIIIW5C45PJVGQ32AXBSYNBE7/
6
reference_url https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd
reference_id 57415dda6cf04e73ffc3723be518eddfae599bfd
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/
reference_id 73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/73IGOG6CZAVMVNS4GGRMOLOZ7B6QVA7F/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880
reference_id 973880
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973880
9
reference_url https://www.debian.org/security/2020/dsa-4795
reference_id dsa-4795
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://www.debian.org/security/2020/dsa-4795
10
reference_url https://security.gentoo.org/glsa/202011-17
reference_id GLSA-202011-17
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://security.gentoo.org/glsa/202011-17
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/
reference_id KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPH2V3WSQTELROZK3GFCPQDOFLKIZ6H5/
12
reference_url https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html
13
reference_url https://security.netapp.com/advisory/ntap-20201202-0001/
reference_id ntap-20201202-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://security.netapp.com/advisory/ntap-20201202-0001/
14
reference_url https://security.netapp.com/advisory/ntap-20210513-0002/
reference_id ntap-20210513-0002
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://security.netapp.com/advisory/ntap-20210513-0002/
15
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:14:50Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
17
reference_url https://access.redhat.com/errata/RHSA-2021:1593
reference_id RHSA-2021:1593
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1593
18
reference_url https://access.redhat.com/errata/RHSA-2021:2239
reference_id RHSA-2021:2239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2239
19
reference_url https://usn.ubuntu.com/4635-1/
reference_id USN-4635-1
reference_type
scores
url https://usn.ubuntu.com/4635-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
1
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2020-28196
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwy5-x7m9-4qgt
68
url VCID-m9pf-r95d-4qbx
vulnerability_id VCID-m9pf-r95d-4qbx
summary The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0063.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0063.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0063
reference_id
reference_type
scores
0
value 0.04904
scoring_system epss
scoring_elements 0.89779
published_at 2026-06-04T12:55:00Z
1
value 0.04904
scoring_system epss
scoring_elements 0.89795
published_at 2026-06-05T12:55:00Z
2
value 0.04904
scoring_system epss
scoring_elements 0.89797
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0063
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=432621
reference_id 432621
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=432621
4
reference_url https://security.gentoo.org/glsa/200803-31
reference_id GLSA-200803-31
reference_type
scores
url https://security.gentoo.org/glsa/200803-31
5
reference_url https://access.redhat.com/errata/RHSA-2008:0164
reference_id RHSA-2008:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0164
6
reference_url https://access.redhat.com/errata/RHSA-2008:0180
reference_id RHSA-2008:0180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0180
7
reference_url https://access.redhat.com/errata/RHSA-2008:0181
reference_id RHSA-2008:0181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0181
8
reference_url https://access.redhat.com/errata/RHSA-2008:0182
reference_id RHSA-2008:0182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0182
9
reference_url https://usn.ubuntu.com/587-1/
reference_id USN-587-1
reference_type
scores
url https://usn.ubuntu.com/587-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2008-0063
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9pf-r95d-4qbx
69
url VCID-mbrk-dkua-uyeq
vulnerability_id VCID-mbrk-dkua-uyeq
summary The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gss_export_sec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2698
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75505
published_at 2026-06-04T12:55:00Z
1
value 0.00867
scoring_system epss
scoring_elements 0.75534
published_at 2026-06-05T12:55:00Z
2
value 0.00867
scoring_system epss
scoring_elements 0.75537
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2698
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1278951
reference_id 1278951
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1278951
4
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-2698
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbrk-dkua-uyeq
70
url VCID-ny7t-pkm8-2fb4
vulnerability_id VCID-ny7t-pkm8-2fb4
summary The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a denial of service (NULL pointer dereference and daemon crash) via a KRB5_KDB_DISALLOW_ALL_TIX create request that lacks a password.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1013.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1013.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1013
reference_id
reference_type
scores
0
value 0.01042
scoring_system epss
scoring_elements 0.77794
published_at 2026-06-04T12:55:00Z
1
value 0.01042
scoring_system epss
scoring_elements 0.77821
published_at 2026-06-05T12:55:00Z
2
value 0.01042
scoring_system epss
scoring_elements 0.77828
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1013
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687647
reference_id 687647
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687647
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=827517
reference_id 827517
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=827517
5
reference_url https://access.redhat.com/errata/RHSA-2012:1131
reference_id RHSA-2012:1131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1131
6
reference_url https://usn.ubuntu.com/1520-1/
reference_id USN-1520-1
reference_type
scores
url https://usn.ubuntu.com/1520-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2012-1013
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ny7t-pkm8-2fb4
71
url VCID-pbeh-n41k-s7au
vulnerability_id VCID-pbeh-n41k-s7au
summary MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum, (2) an unkeyed PAC checksum, or (3) a KrbFastArmoredReq checksum based on an RC4 key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1324.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1324.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1324
reference_id
reference_type
scores
0
value 0.03499
scoring_system epss
scoring_elements 0.87818
published_at 2026-06-04T12:55:00Z
1
value 0.03499
scoring_system epss
scoring_elements 0.87839
published_at 2026-06-05T12:55:00Z
2
value 0.03499
scoring_system epss
scoring_elements 0.87841
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1324
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
reference_id 605553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605553
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=648674
reference_id 648674
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=648674
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2010:0925
reference_id RHSA-2010:0925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0925
7
reference_url https://usn.ubuntu.com/1030-1/
reference_id USN-1030-1
reference_type
scores
url https://usn.ubuntu.com/1030-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-1324
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbeh-n41k-s7au
72
url VCID-phbg-1ygq-9qb6
vulnerability_id VCID-phbg-1ygq-9qb6
summary The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the uninitialized variable is used. NOTE: the vendor disputes this issue, stating " The 'length' variable is only uninitialized if 'auth_type' is neither the 'KERBEROS_V4' nor 'GSSAPI'; this condition cannot occur in the unmodified source code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5894.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5894.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-5894
reference_id
reference_type
scores
0
value 0.02774
scoring_system epss
scoring_elements 0.86319
published_at 2026-06-04T12:55:00Z
1
value 0.02774
scoring_system epss
scoring_elements 0.86341
published_at 2026-06-05T12:55:00Z
2
value 0.02774
scoring_system epss
scoring_elements 0.86343
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-5894
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5894
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=415311
reference_id 415311
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=415311
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
reference_id 454974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454974
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-5894
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phbg-1ygq-9qb6
73
url VCID-pj93-uzpy-3bg1
vulnerability_id VCID-pj93-uzpy-3bg1
summary lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2696.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2696
reference_id
reference_type
scores
0
value 0.10768
scoring_system epss
scoring_elements 0.93477
published_at 2026-06-04T12:55:00Z
1
value 0.10768
scoring_system epss
scoring_elements 0.93488
published_at 2026-06-05T12:55:00Z
2
value 0.10768
scoring_system epss
scoring_elements 0.93489
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2696
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1275869
reference_id 1275869
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1275869
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084
reference_id 803084
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803084
8
reference_url https://security.gentoo.org/glsa/201611-14
reference_id GLSA-201611-14
reference_type
scores
url https://security.gentoo.org/glsa/201611-14
9
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4
2
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-2696
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pj93-uzpy-3bg1
74
url VCID-pq2d-33kw-ayb7
vulnerability_id VCID-pq2d-33kw-ayb7
summary A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-3576.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3576
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48824
published_at 2026-06-05T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48832
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3576
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3576
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525
reference_id 1103525
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103525
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2359465
reference_id 2359465
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2359465
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
reference_id cpe:/a:redhat:discovery:2::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
28
reference_url https://access.redhat.com/security/cve/CVE-2025-3576
reference_id CVE-2025-3576
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/security/cve/CVE-2025-3576
29
reference_url https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html
reference_id krb5-1.22.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html
30
reference_url https://access.redhat.com/errata/RHSA-2025:11487
reference_id RHSA-2025:11487
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:11487
31
reference_url https://access.redhat.com/errata/RHSA-2025:13664
reference_id RHSA-2025:13664
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:13664
32
reference_url https://access.redhat.com/errata/RHSA-2025:13777
reference_id RHSA-2025:13777
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:13777
33
reference_url https://access.redhat.com/errata/RHSA-2025:15000
reference_id RHSA-2025:15000
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:15000
34
reference_url https://access.redhat.com/errata/RHSA-2025:15001
reference_id RHSA-2025:15001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:15001
35
reference_url https://access.redhat.com/errata/RHSA-2025:15002
reference_id RHSA-2025:15002
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:15002
36
reference_url https://access.redhat.com/errata/RHSA-2025:15003
reference_id RHSA-2025:15003
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:15003
37
reference_url https://access.redhat.com/errata/RHSA-2025:15004
reference_id RHSA-2025:15004
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:15004
38
reference_url https://access.redhat.com/errata/RHSA-2025:8411
reference_id RHSA-2025:8411
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:8411
39
reference_url https://access.redhat.com/errata/RHSA-2025:9418
reference_id RHSA-2025:9418
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:9418
40
reference_url https://access.redhat.com/errata/RHSA-2025:9430
reference_id RHSA-2025:9430
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:11:53Z/
url https://access.redhat.com/errata/RHSA-2025:9430
41
reference_url https://usn.ubuntu.com/7542-1/
reference_id USN-7542-1
reference_type
scores
url https://usn.ubuntu.com/7542-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4
aliases CVE-2025-3576
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq2d-33kw-ayb7
75
url VCID-py4d-vrgu-5ueu
vulnerability_id VCID-py4d-vrgu-5ueu
summary lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2695
reference_id
reference_type
scores
0
value 0.04582
scoring_system epss
scoring_elements 0.89406
published_at 2026-06-04T12:55:00Z
1
value 0.04582
scoring_system epss
scoring_elements 0.89424
published_at 2026-06-05T12:55:00Z
2
value 0.04582
scoring_system epss
scoring_elements 0.89423
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2695
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1275871
reference_id 1275871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1275871
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083
reference_id 803083
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803083
8
reference_url https://security.gentoo.org/glsa/201611-14
reference_id GLSA-201611-14
reference_type
scores
url https://security.gentoo.org/glsa/201611-14
9
reference_url https://usn.ubuntu.com/2810-1/
reference_id USN-2810-1
reference_type
scores
url https://usn.ubuntu.com/2810-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4
2
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-2695
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-py4d-vrgu-5ueu
76
url VCID-rgc3-hzw1-3bcp
vulnerability_id VCID-rgc3-hzw1-3bcp
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11462
reference_id
reference_type
scores
0
value 0.01055
scoring_system epss
scoring_elements 0.77958
published_at 2026-06-05T12:55:00Z
1
value 0.01055
scoring_system epss
scoring_elements 0.77965
published_at 2026-06-06T12:55:00Z
2
value 0.01055
scoring_system epss
scoring_elements 0.77931
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11462
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1488873
reference_id 1488873
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1488873
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563
reference_id 873563
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873563
6
reference_url https://security.archlinux.org/ASA-201710-8
reference_id ASA-201710-8
reference_type
scores
url https://security.archlinux.org/ASA-201710-8
7
reference_url https://security.archlinux.org/ASA-201710-9
reference_id ASA-201710-9
reference_type
scores
url https://security.archlinux.org/ASA-201710-9
8
reference_url https://security.archlinux.org/AVG-414
reference_id AVG-414
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-414
9
reference_url https://security.archlinux.org/AVG-415
reference_id AVG-415
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-415
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2017-11462
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgc3-hzw1-3bcp
77
url VCID-s1hu-g4ns-5ydy
vulnerability_id VCID-s1hu-g4ns-5ydy
summary In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24528.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24528
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42956
published_at 2026-06-06T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42945
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24528
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24528
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730
reference_id 1094730
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2342796
reference_id 2342796
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2342796
6
reference_url https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0
reference_id 78ceba024b64d49612375be4a12d1c066b0bfbd0
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/
url https://github.com/krb5/krb5/commit/78ceba024b64d49612375be4a12d1c066b0bfbd0
7
reference_url https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final
reference_id krb5-1.21.3-final...krb5-1.22-final
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-16T17:39:31Z/
url https://github.com/krb5/krb5/compare/krb5-1.21.3-final...krb5-1.22-final
8
reference_url https://access.redhat.com/errata/RHSA-2025:1352
reference_id RHSA-2025:1352
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1352
9
reference_url https://access.redhat.com/errata/RHSA-2025:2722
reference_id RHSA-2025:2722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2722
10
reference_url https://access.redhat.com/errata/RHSA-2025:2789
reference_id RHSA-2025:2789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2789
11
reference_url https://access.redhat.com/errata/RHSA-2025:7067
reference_id RHSA-2025:7067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7067
12
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8385
13
reference_url https://usn.ubuntu.com/7314-1/
reference_id USN-7314-1
reference_type
scores
url https://usn.ubuntu.com/7314-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4
aliases CVE-2025-24528
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1hu-g4ns-5ydy
78
url VCID-sewn-mfcw-gygm
vulnerability_id VCID-sewn-mfcw-gygm
summary The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0846.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0846.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0846
reference_id
reference_type
scores
0
value 0.50005
scoring_system epss
scoring_elements 0.97873
published_at 2026-06-04T12:55:00Z
1
value 0.50005
scoring_system epss
scoring_elements 0.97876
published_at 2026-06-05T12:55:00Z
2
value 0.50005
scoring_system epss
scoring_elements 0.97878
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0846
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=491036
reference_id 491036
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=491036
4
reference_url https://security.gentoo.org/glsa/200904-09
reference_id GLSA-200904-09
reference_type
scores
url https://security.gentoo.org/glsa/200904-09
5
reference_url https://access.redhat.com/errata/RHSA-2009:0408
reference_id RHSA-2009:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0408
6
reference_url https://access.redhat.com/errata/RHSA-2009:0409
reference_id RHSA-2009:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0409
7
reference_url https://access.redhat.com/errata/RHSA-2009:0410
reference_id RHSA-2009:0410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0410
8
reference_url https://usn.ubuntu.com/755-1/
reference_id USN-755-1
reference_type
scores
url https://usn.ubuntu.com/755-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2009-0846
risk_score 0.2
exploitability 0.5
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sewn-mfcw-gygm
79
url VCID-t96y-1vd2-fqe3
vulnerability_id VCID-t96y-1vd2-fqe3
summary Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4345.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4345
reference_id
reference_type
scores
0
value 0.11304
scoring_system epss
scoring_elements 0.93669
published_at 2026-06-04T12:55:00Z
1
value 0.11304
scoring_system epss
scoring_elements 0.93679
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4345
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1128157
reference_id 1128157
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1128157
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416
reference_id 757416
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757416
10
reference_url https://security.gentoo.org/glsa/201412-53
reference_id GLSA-201412-53
reference_type
scores
url https://security.gentoo.org/glsa/201412-53
11
reference_url https://access.redhat.com/errata/RHSA-2014:1255
reference_id RHSA-2014:1255
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1255
12
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
13
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
14
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-4345
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t96y-1vd2-fqe3
80
url VCID-tg7a-etmk-6fea
vulnerability_id VCID-tg7a-etmk-6fea
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-37371.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-37371
reference_id
reference_type
scores
0
value 0.02606
scoring_system epss
scoring_elements 0.85933
published_at 2026-06-06T12:55:00Z
1
value 0.02606
scoring_system epss
scoring_elements 0.8593
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-37371
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37370
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37371
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294676
reference_id 2294676
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2294676
6
reference_url https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
reference_id 55fbf435edbe2e92dd8101669b1ce7144bc96fef
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/
url https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
7
reference_url https://web.mit.edu/kerberos/www/advisories/
reference_id advisories
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:31:33Z/
url https://web.mit.edu/kerberos/www/advisories/
8
reference_url https://security.archlinux.org/AVG-2856
reference_id AVG-2856
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2856
9
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
10
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
11
reference_url https://access.redhat.com/errata/RHSA-2024:4734
reference_id RHSA-2024:4734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4734
12
reference_url https://access.redhat.com/errata/RHSA-2024:4743
reference_id RHSA-2024:4743
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4743
13
reference_url https://access.redhat.com/errata/RHSA-2024:5076
reference_id RHSA-2024:5076
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5076
14
reference_url https://access.redhat.com/errata/RHSA-2024:5312
reference_id RHSA-2024:5312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5312
15
reference_url https://access.redhat.com/errata/RHSA-2024:5316
reference_id RHSA-2024:5316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5316
16
reference_url https://access.redhat.com/errata/RHSA-2024:5625
reference_id RHSA-2024:5625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5625
17
reference_url https://access.redhat.com/errata/RHSA-2024:5630
reference_id RHSA-2024:5630
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5630
18
reference_url https://access.redhat.com/errata/RHSA-2024:5643
reference_id RHSA-2024:5643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5643
19
reference_url https://access.redhat.com/errata/RHSA-2024:5884
reference_id RHSA-2024:5884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5884
20
reference_url https://access.redhat.com/errata/RHSA-2024:6166
reference_id RHSA-2024:6166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6166
21
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
22
reference_url https://access.redhat.com/errata/RHSA-2024:7374
reference_id RHSA-2024:7374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7374
23
reference_url https://access.redhat.com/errata/RHSA-2025:1671
reference_id RHSA-2025:1671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1671
24
reference_url https://access.redhat.com/errata/RHSA-2025:1673
reference_id RHSA-2025:1673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1673
25
reference_url https://usn.ubuntu.com/6947-1/
reference_id USN-6947-1
reference_type
scores
url https://usn.ubuntu.com/6947-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2024-37371
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tg7a-etmk-6fea
81
url VCID-u4y9-vrsc-wbdy
vulnerability_id VCID-u4y9-vrsc-wbdy
summary krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40356.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40356.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40356
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28625
published_at 2026-06-06T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28666
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40356
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40356
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40356
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135317
reference_id 1135317
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135317
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2463368
reference_id 2463368
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2463368
6
reference_url https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
reference_id 2e75f0d9362fb979f5fc92829431a590a130929f
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:10:05Z/
url https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
7
reference_url https://web.mit.edu/kerberos/advisories/
reference_id advisories
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:10:05Z/
url https://web.mit.edu/kerberos/advisories/
8
reference_url https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html
reference_id krb5-two-unauthenticated-network-vulnerabilities.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-28T13:10:05Z/
url https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html
9
reference_url https://access.redhat.com/errata/RHSA-2026:12220
reference_id RHSA-2026:12220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12220
10
reference_url https://access.redhat.com/errata/RHSA-2026:16799
reference_id RHSA-2026:16799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16799
11
reference_url https://access.redhat.com/errata/RHSA-2026:19145
reference_id RHSA-2026:19145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19145
12
reference_url https://access.redhat.com/errata/RHSA-2026:19357
reference_id RHSA-2026:19357
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19357
13
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
14
reference_url https://access.redhat.com/errata/RHSA-2026:22634
reference_id RHSA-2026:22634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22634
fixed_packages
0
url pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
purl pkg:deb/debian/krb5@1.20.1-2%2Bdeb12u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.20.1-2%252Bdeb12u4
aliases CVE-2026-40356
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u4y9-vrsc-wbdy
82
url VCID-ukkj-tn8u-yuab
vulnerability_id VCID-ukkj-tn8u-yuab
summary The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8629.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8629
reference_id
reference_type
scores
0
value 0.02043
scoring_system epss
scoring_elements 0.8416
published_at 2026-06-04T12:55:00Z
1
value 0.02043
scoring_system epss
scoring_elements 0.84183
published_at 2026-06-05T12:55:00Z
2
value 0.02043
scoring_system epss
scoring_elements 0.84186
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8629
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302617
reference_id 1302617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302617
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296
reference_id 813296
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813296
7
reference_url https://access.redhat.com/errata/RHSA-2016:0493
reference_id RHSA-2016:0493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0493
8
reference_url https://access.redhat.com/errata/RHSA-2016:0532
reference_id RHSA-2016:0532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0532
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19%252Bdeb8u4
2
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2015-8629
risk_score 0.6
exploitability 0.5
weighted_severity 1.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukkj-tn8u-yuab
83
url VCID-v4b9-7gb8-7kf7
vulnerability_id VCID-v4b9-7gb8-7kf7
summary The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5351.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5351.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5351
reference_id
reference_type
scores
0
value 0.00348
scoring_system epss
scoring_elements 0.57614
published_at 2026-06-04T12:55:00Z
1
value 0.00348
scoring_system epss
scoring_elements 0.57666
published_at 2026-06-05T12:55:00Z
2
value 0.00348
scoring_system epss
scoring_elements 0.57674
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5351
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1145425
reference_id 1145425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1145425
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762479
reference_id 762479
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762479
5
reference_url https://security.gentoo.org/glsa/201412-53
reference_id GLSA-201412-53
reference_type
scores
url https://security.gentoo.org/glsa/201412-53
6
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-5351
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v4b9-7gb8-7kf7
84
url VCID-vq2w-pgev-f7ha
vulnerability_id VCID-vq2w-pgev-f7ha
summary The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5352.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-5352
reference_id
reference_type
scores
0
value 0.05407
scoring_system epss
scoring_elements 0.90302
published_at 2026-06-04T12:55:00Z
1
value 0.05407
scoring_system epss
scoring_elements 0.90317
published_at 2026-06-05T12:55:00Z
2
value 0.05407
scoring_system epss
scoring_elements 0.90316
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-5352
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179856
reference_id 1179856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179856
8
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
9
reference_url https://access.redhat.com/errata/RHSA-2015:0794
reference_id RHSA-2015:0794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0794
10
reference_url https://usn.ubuntu.com/2498-1/
reference_id USN-2498-1
reference_type
scores
url https://usn.ubuntu.com/2498-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-5352
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vq2w-pgev-f7ha
85
url VCID-vuzh-e7pz-fqgt
vulnerability_id VCID-vuzh-e7pz-fqgt
summary The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0971.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0971
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28583
published_at 2026-06-04T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28656
published_at 2026-06-05T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.28615
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0971
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0971
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617336
reference_id 1617336
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617336
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271
reference_id 278271
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278271
5
reference_url https://access.redhat.com/errata/RHSA-2005:012
reference_id RHSA-2005:012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:012
fixed_packages
0
url pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
purl pkg:deb/debian/krb5@1.15-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-3tas-mucv-aufk
2
vulnerability VCID-4mm3-t6eu-4qde
3
vulnerability VCID-c5he-57zg-fybc
4
vulnerability VCID-ekzs-tuvp-ybfq
5
vulnerability VCID-husp-fm64-nfa9
6
vulnerability VCID-j6qa-q1h1-3uaq
7
vulnerability VCID-jfhc-x8j6-yuab
8
vulnerability VCID-kwy5-x7m9-4qgt
9
vulnerability VCID-pq2d-33kw-ayb7
10
vulnerability VCID-rgc3-hzw1-3bcp
11
vulnerability VCID-s1hu-g4ns-5ydy
12
vulnerability VCID-tg7a-etmk-6fea
13
vulnerability VCID-u4y9-vrsc-wbdy
14
vulnerability VCID-wc2t-bbf1-mua5
15
vulnerability VCID-xmhu-nkgw-kybr
16
vulnerability VCID-yejf-124s-hqgx
17
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.15-1%252Bdeb9u1
aliases CVE-2004-0971
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vuzh-e7pz-fqgt
86
url VCID-vxvk-vwan-ukak
vulnerability_id VCID-vxvk-vwan-ukak
summary The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0282.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0282.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0282
reference_id
reference_type
scores
0
value 0.09562
scoring_system epss
scoring_elements 0.93013
published_at 2026-06-04T12:55:00Z
1
value 0.09562
scoring_system epss
scoring_elements 0.93024
published_at 2026-06-05T12:55:00Z
2
value 0.09562
scoring_system epss
scoring_elements 0.93021
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0282
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=668726
reference_id 668726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=668726
4
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
5
reference_url https://access.redhat.com/errata/RHSA-2011:0199
reference_id RHSA-2011:0199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0199
6
reference_url https://access.redhat.com/errata/RHSA-2011:0200
reference_id RHSA-2011:0200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0200
7
reference_url https://usn.ubuntu.com/1062-1/
reference_id USN-1062-1
reference_type
scores
url https://usn.ubuntu.com/1062-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-0282
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxvk-vwan-ukak
87
url VCID-wc2t-bbf1-mua5
vulnerability_id VCID-wc2t-bbf1-mua5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42898.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-42898
reference_id
reference_type
scores
0
value 0.10832
scoring_system epss
scoring_elements 0.935
published_at 2026-06-04T12:55:00Z
1
value 0.10832
scoring_system epss
scoring_elements 0.93511
published_at 2026-06-06T12:55:00Z
2
value 0.10832
scoring_system epss
scoring_elements 0.9351
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-42898
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41916
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
reference_id 1024187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024187
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267
reference_id 1024267
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024267
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140960
reference_id 2140960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140960
12
reference_url https://web.mit.edu/kerberos/advisories/
reference_id advisories
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/advisories/
13
reference_url https://security.archlinux.org/AVG-2828
reference_id AVG-2828
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2828
14
reference_url https://www.samba.org/samba/security/CVE-2022-42898.html
reference_id CVE-2022-42898.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://www.samba.org/samba/security/CVE-2022-42898.html
15
reference_url https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
reference_id ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
16
reference_url https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
reference_id GHSA-64mq-fvfj-5x3c
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
17
reference_url https://security.gentoo.org/glsa/202309-06
reference_id GLSA-202309-06
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.gentoo.org/glsa/202309-06
18
reference_url https://security.gentoo.org/glsa/202310-06
reference_id GLSA-202310-06
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.gentoo.org/glsa/202310-06
19
reference_url https://security.gentoo.org/glsa/202405-11
reference_id GLSA-202405-11
reference_type
scores
url https://security.gentoo.org/glsa/202405-11
20
reference_url https://web.mit.edu/kerberos/krb5-1.19/
reference_id krb5-1.19
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/krb5-1.19/
21
reference_url https://security.netapp.com/advisory/ntap-20230216-0008/
reference_id ntap-20230216-0008
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.netapp.com/advisory/ntap-20230216-0008/
22
reference_url https://security.netapp.com/advisory/ntap-20230223-0001/
reference_id ntap-20230223-0001
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://security.netapp.com/advisory/ntap-20230223-0001/
23
reference_url https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
reference_id README-1.20.1.txt
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
24
reference_url https://access.redhat.com/errata/RHSA-2022:8637
reference_id RHSA-2022:8637
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8637
25
reference_url https://access.redhat.com/errata/RHSA-2022:8638
reference_id RHSA-2022:8638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8638
26
reference_url https://access.redhat.com/errata/RHSA-2022:8639
reference_id RHSA-2022:8639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8639
27
reference_url https://access.redhat.com/errata/RHSA-2022:8640
reference_id RHSA-2022:8640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8640
28
reference_url https://access.redhat.com/errata/RHSA-2022:8641
reference_id RHSA-2022:8641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8641
29
reference_url https://access.redhat.com/errata/RHSA-2022:8648
reference_id RHSA-2022:8648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8648
30
reference_url https://access.redhat.com/errata/RHSA-2022:8662
reference_id RHSA-2022:8662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8662
31
reference_url https://access.redhat.com/errata/RHSA-2022:8663
reference_id RHSA-2022:8663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8663
32
reference_url https://access.redhat.com/errata/RHSA-2022:8669
reference_id RHSA-2022:8669
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8669
33
reference_url https://access.redhat.com/errata/RHSA-2022:9029
reference_id RHSA-2022:9029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9029
34
reference_url https://bugzilla.samba.org/show_bug.cgi?id=15203
reference_id show_bug.cgi?id=15203
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T16:11:12Z/
url https://bugzilla.samba.org/show_bug.cgi?id=15203
35
reference_url https://usn.ubuntu.com/5800-1/
reference_id USN-5800-1
reference_type
scores
url https://usn.ubuntu.com/5800-1/
36
reference_url https://usn.ubuntu.com/5822-1/
reference_id USN-5822-1
reference_type
scores
url https://usn.ubuntu.com/5822-1/
37
reference_url https://usn.ubuntu.com/5828-1/
reference_id USN-5828-1
reference_type
scores
url https://usn.ubuntu.com/5828-1/
38
reference_url https://usn.ubuntu.com/5936-1/
reference_id USN-5936-1
reference_type
scores
url https://usn.ubuntu.com/5936-1/
39
reference_url https://usn.ubuntu.com/7582-1/
reference_id USN-7582-1
reference_type
scores
url https://usn.ubuntu.com/7582-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2022-42898
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc2t-bbf1-mua5
88
url VCID-xmhu-nkgw-kybr
vulnerability_id VCID-xmhu-nkgw-kybr
summary lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36054.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-36054
reference_id
reference_type
scores
0
value 0.01096
scoring_system epss
scoring_elements 0.78377
published_at 2026-06-06T12:55:00Z
1
value 0.01096
scoring_system epss
scoring_elements 0.78368
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-36054
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36054
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431
reference_id 1043431
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043431
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2230178
reference_id 2230178
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2230178
6
reference_url https://web.mit.edu/kerberos/www/advisories/
reference_id advisories
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://web.mit.edu/kerberos/www/advisories/
7
reference_url https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
reference_id ef08b09c9459551aabbe7924fb176f1583053cdd
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
8
reference_url https://security.gentoo.org/glsa/202405-11
reference_id GLSA-202405-11
reference_type
scores
url https://security.gentoo.org/glsa/202405-11
9
reference_url https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final
reference_id krb5-1.20.1-final...krb5-1.20.2-final
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final
10
reference_url https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final
reference_id krb5-1.21-final...krb5-1.21.1-final
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final
11
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html
12
reference_url https://security.netapp.com/advisory/ntap-20230908-0004/
reference_id ntap-20230908-0004
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T13:57:00Z/
url https://security.netapp.com/advisory/ntap-20230908-0004/
13
reference_url https://access.redhat.com/errata/RHSA-2023:6699
reference_id RHSA-2023:6699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6699
14
reference_url https://usn.ubuntu.com/6467-1/
reference_id USN-6467-1
reference_type
scores
url https://usn.ubuntu.com/6467-1/
15
reference_url https://usn.ubuntu.com/6467-2/
reference_id USN-6467-2
reference_type
scores
url https://usn.ubuntu.com/6467-2/
fixed_packages
0
url pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
purl pkg:deb/debian/krb5@1.18.3-6%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-pq2d-33kw-ayb7
2
vulnerability VCID-s1hu-g4ns-5ydy
3
vulnerability VCID-u4y9-vrsc-wbdy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.18.3-6%252Bdeb11u5
aliases CVE-2023-36054
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmhu-nkgw-kybr
89
url VCID-yejf-124s-hqgx
vulnerability_id VCID-yejf-124s-hqgx
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15088.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15088
reference_id
reference_type
scores
0
value 0.01283
scoring_system epss
scoring_elements 0.79965
published_at 2026-06-05T12:55:00Z
1
value 0.01283
scoring_system epss
scoring_elements 0.7994
published_at 2026-06-04T12:55:00Z
2
value 0.01283
scoring_system epss
scoring_elements 0.7997
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15088
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:C/I:C/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1504045
reference_id 1504045
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1504045
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698
reference_id 871698
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698
6
reference_url https://security.archlinux.org/AVG-505
reference_id AVG-505
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-505
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2017-15088
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yejf-124s-hqgx
90
url VCID-yr93-awkm-v7ay
vulnerability_id VCID-yr93-awkm-v7ay
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-11368
reference_id
reference_type
scores
0
value 0.00681
scoring_system epss
scoring_elements 0.72042
published_at 2026-06-05T12:55:00Z
1
value 0.00681
scoring_system epss
scoring_elements 0.72049
published_at 2026-06-06T12:55:00Z
2
value 0.00681
scoring_system epss
scoring_elements 0.72001
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-11368
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11368
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:C
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1473560
reference_id 1473560
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1473560
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260
reference_id 869260
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869260
6
reference_url https://security.archlinux.org/ASA-201710-8
reference_id ASA-201710-8
reference_type
scores
url https://security.archlinux.org/ASA-201710-8
7
reference_url https://security.archlinux.org/AVG-414
reference_id AVG-414
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-414
8
reference_url https://security.archlinux.org/AVG-436
reference_id AVG-436
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-436
9
reference_url https://access.redhat.com/errata/RHSA-2018:0666
reference_id RHSA-2018:0666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0666
fixed_packages
0
url pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
purl pkg:deb/debian/krb5@1.17-3%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d22-kr2u-tuck
1
vulnerability VCID-ekzs-tuvp-ybfq
2
vulnerability VCID-husp-fm64-nfa9
3
vulnerability VCID-jfhc-x8j6-yuab
4
vulnerability VCID-kwy5-x7m9-4qgt
5
vulnerability VCID-pq2d-33kw-ayb7
6
vulnerability VCID-s1hu-g4ns-5ydy
7
vulnerability VCID-tg7a-etmk-6fea
8
vulnerability VCID-u4y9-vrsc-wbdy
9
vulnerability VCID-wc2t-bbf1-mua5
10
vulnerability VCID-xmhu-nkgw-kybr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.17-3%252Bdeb10u4
aliases CVE-2017-11368
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yr93-awkm-v7ay
91
url VCID-yy22-6ztx-67d4
vulnerability_id VCID-yy22-6ztx-67d4
summary The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1321.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1321.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1321
reference_id
reference_type
scores
0
value 0.01857
scoring_system epss
scoring_elements 0.8339
published_at 2026-06-04T12:55:00Z
1
value 0.01857
scoring_system epss
scoring_elements 0.83414
published_at 2026-06-05T12:55:00Z
2
value 0.01857
scoring_system epss
scoring_elements 0.83415
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1321
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582261
reference_id 582261
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582261
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=582466
reference_id 582466
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=582466
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2010:0423
reference_id RHSA-2010:0423
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0423
7
reference_url https://access.redhat.com/errata/RHSA-2010:0873
reference_id RHSA-2010:0873
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0873
8
reference_url https://access.redhat.com/errata/RHSA-2010:0935
reference_id RHSA-2010:0935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0935
9
reference_url https://access.redhat.com/errata/RHSA-2011:0152
reference_id RHSA-2011:0152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0152
10
reference_url https://usn.ubuntu.com/940-1/
reference_id USN-940-1
reference_type
scores
url https://usn.ubuntu.com/940-1/
11
reference_url https://usn.ubuntu.com/940-2/
reference_id USN-940-2
reference_type
scores
url https://usn.ubuntu.com/940-2/
fixed_packages
0
url pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
purl pkg:deb/debian/krb5@1.8.3%2Bdfsg-4squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-2674-wgen-1qbk
3
vulnerability VCID-2tn3-dfqx-5yc9
4
vulnerability VCID-3d22-kr2u-tuck
5
vulnerability VCID-3df1-58jr-e7gv
6
vulnerability VCID-3jcm-y59r-47a5
7
vulnerability VCID-3tas-mucv-aufk
8
vulnerability VCID-42rr-7ajf-eqg7
9
vulnerability VCID-4mm3-t6eu-4qde
10
vulnerability VCID-596a-s3un-vbbc
11
vulnerability VCID-6jnk-3rfw-nkh8
12
vulnerability VCID-7wnb-bhuv-tycp
13
vulnerability VCID-8fxt-3wg4-dkbb
14
vulnerability VCID-at3s-18x4-n7e2
15
vulnerability VCID-b6a9-hnjx-c3gk
16
vulnerability VCID-bdmc-p544-bfg9
17
vulnerability VCID-bg27-2hv6-m7cx
18
vulnerability VCID-bkdg-dybz-t3fy
19
vulnerability VCID-bkqm-d2bp-f7fe
20
vulnerability VCID-c5he-57zg-fybc
21
vulnerability VCID-d42v-zwu4-a3ge
22
vulnerability VCID-d53g-faqf-gfdp
23
vulnerability VCID-dbaq-qjd2-d7c9
24
vulnerability VCID-e1xu-a882-s3ga
25
vulnerability VCID-ekzs-tuvp-ybfq
26
vulnerability VCID-esm3-3qwz-cud2
27
vulnerability VCID-ezm2-e8zw-g7dg
28
vulnerability VCID-f343-u3jt-pkfy
29
vulnerability VCID-fcy5-mv1a-n7dh
30
vulnerability VCID-fvfb-k9ar-93eu
31
vulnerability VCID-h23e-nhyz-8uda
32
vulnerability VCID-hre7-pp7p-13fs
33
vulnerability VCID-husp-fm64-nfa9
34
vulnerability VCID-j145-f5mp-xkeq
35
vulnerability VCID-j6qa-q1h1-3uaq
36
vulnerability VCID-jbf6-vrjc-syg1
37
vulnerability VCID-jfhc-x8j6-yuab
38
vulnerability VCID-ksar-xuza-8kg7
39
vulnerability VCID-ktuq-s8bz-1qam
40
vulnerability VCID-kwy5-x7m9-4qgt
41
vulnerability VCID-mbrk-dkua-uyeq
42
vulnerability VCID-ny7t-pkm8-2fb4
43
vulnerability VCID-pj93-uzpy-3bg1
44
vulnerability VCID-pq2d-33kw-ayb7
45
vulnerability VCID-py4d-vrgu-5ueu
46
vulnerability VCID-rgc3-hzw1-3bcp
47
vulnerability VCID-s1hu-g4ns-5ydy
48
vulnerability VCID-t96y-1vd2-fqe3
49
vulnerability VCID-tg7a-etmk-6fea
50
vulnerability VCID-u4y9-vrsc-wbdy
51
vulnerability VCID-ukkj-tn8u-yuab
52
vulnerability VCID-v4b9-7gb8-7kf7
53
vulnerability VCID-vq2w-pgev-f7ha
54
vulnerability VCID-vuzh-e7pz-fqgt
55
vulnerability VCID-vxvk-vwan-ukak
56
vulnerability VCID-wc2t-bbf1-mua5
57
vulnerability VCID-xmhu-nkgw-kybr
58
vulnerability VCID-yejf-124s-hqgx
59
vulnerability VCID-yr93-awkm-v7ay
60
vulnerability VCID-zv6f-cpbv-a7b7
61
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.8.3%252Bdfsg-4squeeze7
aliases CVE-2010-1321
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yy22-6ztx-67d4
92
url VCID-zca5-fvv5-6yeq
vulnerability_id VCID-zca5-fvv5-6yeq
summary KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0062.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0062.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0062
reference_id
reference_type
scores
0
value 0.16257
scoring_system epss
scoring_elements 0.94946
published_at 2026-06-04T12:55:00Z
1
value 0.16257
scoring_system epss
scoring_elements 0.94954
published_at 2026-06-05T12:55:00Z
2
value 0.16257
scoring_system epss
scoring_elements 0.94955
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0062
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=432620
reference_id 432620
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=432620
4
reference_url https://security.gentoo.org/glsa/200803-31
reference_id GLSA-200803-31
reference_type
scores
url https://security.gentoo.org/glsa/200803-31
5
reference_url https://access.redhat.com/errata/RHSA-2008:0164
reference_id RHSA-2008:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0164
6
reference_url https://access.redhat.com/errata/RHSA-2008:0180
reference_id RHSA-2008:0180
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0180
7
reference_url https://access.redhat.com/errata/RHSA-2008:0181
reference_id RHSA-2008:0181
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0181
8
reference_url https://access.redhat.com/errata/RHSA-2008:0182
reference_id RHSA-2008:0182
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0182
9
reference_url https://usn.ubuntu.com/587-1/
reference_id USN-587-1
reference_type
scores
url https://usn.ubuntu.com/587-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2008-0062
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zca5-fvv5-6yeq
93
url VCID-zqek-558r-wqf8
vulnerability_id VCID-zqek-558r-wqf8
summary The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some environments and architectures, which might allow remote attackers to conduct a buffer overflow attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4743.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4743
reference_id
reference_type
scores
0
value 0.20249
scoring_system epss
scoring_elements 0.95627
published_at 2026-06-04T12:55:00Z
1
value 0.20249
scoring_system epss
scoring_elements 0.95633
published_at 2026-06-05T12:55:00Z
2
value 0.20249
scoring_system epss
scoring_elements 0.95637
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4743
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4743
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=281561
reference_id 281561
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=281561
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441209
reference_id 441209
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441209
5
reference_url https://access.redhat.com/errata/RHSA-2007:0892
reference_id RHSA-2007:0892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0892
6
reference_url https://usn.ubuntu.com/511-2/
reference_id USN-511-2
reference_type
scores
url https://usn.ubuntu.com/511-2/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-4743
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqek-558r-wqf8
94
url VCID-zv6f-cpbv-a7b7
vulnerability_id VCID-zv6f-cpbv-a7b7
summary The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. NOTE: the Berkeley DB vector is covered by CVE-2011-4151.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1528.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1528.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1528
reference_id
reference_type
scores
0
value 0.05459
scoring_system epss
scoring_elements 0.90354
published_at 2026-06-04T12:55:00Z
1
value 0.05459
scoring_system epss
scoring_elements 0.9037
published_at 2026-06-05T12:55:00Z
2
value 0.05459
scoring_system epss
scoring_elements 0.90368
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1528
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
reference_id 646367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646367
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=737711
reference_id 737711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=737711
5
reference_url https://security.gentoo.org/glsa/201201-13
reference_id GLSA-201201-13
reference_type
scores
url https://security.gentoo.org/glsa/201201-13
6
reference_url https://access.redhat.com/errata/RHSA-2011:1379
reference_id RHSA-2011:1379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1379
7
reference_url https://usn.ubuntu.com/1233-1/
reference_id USN-1233-1
reference_type
scores
url https://usn.ubuntu.com/1233-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
aliases CVE-2011-1528
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zv6f-cpbv-a7b7
95
url VCID-zxdc-pv4q-myb6
vulnerability_id VCID-zxdc-pv4q-myb6
summary MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read or NULL pointer dereference, and application crash) by injecting invalid tokens into a GSSAPI application session.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4342.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4342
reference_id
reference_type
scores
0
value 0.08139
scoring_system epss
scoring_elements 0.92317
published_at 2026-06-04T12:55:00Z
1
value 0.08139
scoring_system epss
scoring_elements 0.92332
published_at 2026-06-05T12:55:00Z
2
value 0.08139
scoring_system epss
scoring_elements 0.92329
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4342
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120581
reference_id 1120581
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120581
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625
reference_id 753625
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753625
10
reference_url https://access.redhat.com/errata/RHSA-2014:1389
reference_id RHSA-2014:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1389
11
reference_url https://access.redhat.com/errata/RHSA-2015:0439
reference_id RHSA-2015:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0439
12
reference_url https://usn.ubuntu.com/2310-1/
reference_id USN-2310-1
reference_type
scores
url https://usn.ubuntu.com/2310-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
purl pkg:deb/debian/krb5@1.10.1%2Bdfsg-5%2Bdeb7u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1nn6-mr7d-wyhk
1
vulnerability VCID-2674-wgen-1qbk
2
vulnerability VCID-2tn3-dfqx-5yc9
3
vulnerability VCID-3d22-kr2u-tuck
4
vulnerability VCID-3df1-58jr-e7gv
5
vulnerability VCID-3tas-mucv-aufk
6
vulnerability VCID-42rr-7ajf-eqg7
7
vulnerability VCID-4mm3-t6eu-4qde
8
vulnerability VCID-596a-s3un-vbbc
9
vulnerability VCID-6jnk-3rfw-nkh8
10
vulnerability VCID-7wnb-bhuv-tycp
11
vulnerability VCID-b6a9-hnjx-c3gk
12
vulnerability VCID-bdmc-p544-bfg9
13
vulnerability VCID-c5he-57zg-fybc
14
vulnerability VCID-dbaq-qjd2-d7c9
15
vulnerability VCID-e1xu-a882-s3ga
16
vulnerability VCID-ekzs-tuvp-ybfq
17
vulnerability VCID-esm3-3qwz-cud2
18
vulnerability VCID-f343-u3jt-pkfy
19
vulnerability VCID-fcy5-mv1a-n7dh
20
vulnerability VCID-fvfb-k9ar-93eu
21
vulnerability VCID-h23e-nhyz-8uda
22
vulnerability VCID-husp-fm64-nfa9
23
vulnerability VCID-j145-f5mp-xkeq
24
vulnerability VCID-j6qa-q1h1-3uaq
25
vulnerability VCID-jfhc-x8j6-yuab
26
vulnerability VCID-kwy5-x7m9-4qgt
27
vulnerability VCID-mbrk-dkua-uyeq
28
vulnerability VCID-pj93-uzpy-3bg1
29
vulnerability VCID-pq2d-33kw-ayb7
30
vulnerability VCID-py4d-vrgu-5ueu
31
vulnerability VCID-rgc3-hzw1-3bcp
32
vulnerability VCID-s1hu-g4ns-5ydy
33
vulnerability VCID-t96y-1vd2-fqe3
34
vulnerability VCID-tg7a-etmk-6fea
35
vulnerability VCID-u4y9-vrsc-wbdy
36
vulnerability VCID-ukkj-tn8u-yuab
37
vulnerability VCID-v4b9-7gb8-7kf7
38
vulnerability VCID-vq2w-pgev-f7ha
39
vulnerability VCID-vuzh-e7pz-fqgt
40
vulnerability VCID-wc2t-bbf1-mua5
41
vulnerability VCID-xmhu-nkgw-kybr
42
vulnerability VCID-yejf-124s-hqgx
43
vulnerability VCID-yr93-awkm-v7ay
44
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.10.1%252Bdfsg-5%252Bdeb7u7
1
url pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
purl pkg:deb/debian/krb5@1.12.1%2Bdfsg-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2tn3-dfqx-5yc9
1
vulnerability VCID-3d22-kr2u-tuck
2
vulnerability VCID-3tas-mucv-aufk
3
vulnerability VCID-4mm3-t6eu-4qde
4
vulnerability VCID-b6a9-hnjx-c3gk
5
vulnerability VCID-c5he-57zg-fybc
6
vulnerability VCID-e1xu-a882-s3ga
7
vulnerability VCID-ekzs-tuvp-ybfq
8
vulnerability VCID-fcy5-mv1a-n7dh
9
vulnerability VCID-fvfb-k9ar-93eu
10
vulnerability VCID-h23e-nhyz-8uda
11
vulnerability VCID-husp-fm64-nfa9
12
vulnerability VCID-j6qa-q1h1-3uaq
13
vulnerability VCID-jfhc-x8j6-yuab
14
vulnerability VCID-kwy5-x7m9-4qgt
15
vulnerability VCID-mbrk-dkua-uyeq
16
vulnerability VCID-pj93-uzpy-3bg1
17
vulnerability VCID-pq2d-33kw-ayb7
18
vulnerability VCID-py4d-vrgu-5ueu
19
vulnerability VCID-rgc3-hzw1-3bcp
20
vulnerability VCID-s1hu-g4ns-5ydy
21
vulnerability VCID-tg7a-etmk-6fea
22
vulnerability VCID-u4y9-vrsc-wbdy
23
vulnerability VCID-ukkj-tn8u-yuab
24
vulnerability VCID-vuzh-e7pz-fqgt
25
vulnerability VCID-wc2t-bbf1-mua5
26
vulnerability VCID-xmhu-nkgw-kybr
27
vulnerability VCID-yejf-124s-hqgx
28
vulnerability VCID-yr93-awkm-v7ay
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.12.1%252Bdfsg-19
aliases CVE-2014-4342
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zxdc-pv4q-myb6
96
url VCID-zzy2-uume-kyd8
vulnerability_id VCID-zzy2-uume-kyd8
summary Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0957.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0957.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0957
reference_id
reference_type
scores
0
value 0.26118
scoring_system epss
scoring_elements 0.96389
published_at 2026-06-04T12:55:00Z
1
value 0.26118
scoring_system epss
scoring_elements 0.96394
published_at 2026-06-05T12:55:00Z
2
value 0.26118
scoring_system epss
scoring_elements 0.96398
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0957
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=231528
reference_id 231528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=231528
4
reference_url https://security.gentoo.org/glsa/200704-02
reference_id GLSA-200704-02
reference_type
scores
url https://security.gentoo.org/glsa/200704-02
5
reference_url https://access.redhat.com/errata/RHSA-2007:0095
reference_id RHSA-2007:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0095
6
reference_url https://usn.ubuntu.com/449-1/
reference_id USN-449-1
reference_type
scores
url https://usn.ubuntu.com/449-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
purl pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sps-s2a3-wbad
3
vulnerability VCID-1u82-w13p-cfbk
4
vulnerability VCID-2674-wgen-1qbk
5
vulnerability VCID-2tn3-dfqx-5yc9
6
vulnerability VCID-3d22-kr2u-tuck
7
vulnerability VCID-3df1-58jr-e7gv
8
vulnerability VCID-3jcm-y59r-47a5
9
vulnerability VCID-3tas-mucv-aufk
10
vulnerability VCID-42rr-7ajf-eqg7
11
vulnerability VCID-4mm3-t6eu-4qde
12
vulnerability VCID-53pj-pwxv-qqhv
13
vulnerability VCID-596a-s3un-vbbc
14
vulnerability VCID-5jja-ssqm-skhu
15
vulnerability VCID-5thq-ff3f-h7f6
16
vulnerability VCID-6jnk-3rfw-nkh8
17
vulnerability VCID-7ey4-ge6f-9uct
18
vulnerability VCID-7wnb-bhuv-tycp
19
vulnerability VCID-8fxt-3wg4-dkbb
20
vulnerability VCID-9axv-m7xk-quax
21
vulnerability VCID-a4cc-w95t-8fh6
22
vulnerability VCID-at3s-18x4-n7e2
23
vulnerability VCID-b6a9-hnjx-c3gk
24
vulnerability VCID-bdmc-p544-bfg9
25
vulnerability VCID-bg27-2hv6-m7cx
26
vulnerability VCID-bkdg-dybz-t3fy
27
vulnerability VCID-bkqm-d2bp-f7fe
28
vulnerability VCID-c2t4-3vdu-wqf1
29
vulnerability VCID-c3qw-eazy-nyer
30
vulnerability VCID-c5ev-cgh8-3kda
31
vulnerability VCID-c5he-57zg-fybc
32
vulnerability VCID-d2qf-r6jd-r3c7
33
vulnerability VCID-d42v-zwu4-a3ge
34
vulnerability VCID-d53g-faqf-gfdp
35
vulnerability VCID-dbaq-qjd2-d7c9
36
vulnerability VCID-e1xu-a882-s3ga
37
vulnerability VCID-ekzs-tuvp-ybfq
38
vulnerability VCID-esm3-3qwz-cud2
39
vulnerability VCID-ezm2-e8zw-g7dg
40
vulnerability VCID-f343-u3jt-pkfy
41
vulnerability VCID-f72c-txrr-ukga
42
vulnerability VCID-fcy5-mv1a-n7dh
43
vulnerability VCID-fvfb-k9ar-93eu
44
vulnerability VCID-g9nw-c9d1-a3er
45
vulnerability VCID-h23e-nhyz-8uda
46
vulnerability VCID-hre7-pp7p-13fs
47
vulnerability VCID-husp-fm64-nfa9
48
vulnerability VCID-j145-f5mp-xkeq
49
vulnerability VCID-j6qa-q1h1-3uaq
50
vulnerability VCID-jbf6-vrjc-syg1
51
vulnerability VCID-jfhc-x8j6-yuab
52
vulnerability VCID-ksar-xuza-8kg7
53
vulnerability VCID-kszc-uv1w-syb1
54
vulnerability VCID-ktuq-s8bz-1qam
55
vulnerability VCID-kwy5-x7m9-4qgt
56
vulnerability VCID-mbrk-dkua-uyeq
57
vulnerability VCID-ny7t-pkm8-2fb4
58
vulnerability VCID-pbeh-n41k-s7au
59
vulnerability VCID-pj93-uzpy-3bg1
60
vulnerability VCID-pq2d-33kw-ayb7
61
vulnerability VCID-py4d-vrgu-5ueu
62
vulnerability VCID-rgc3-hzw1-3bcp
63
vulnerability VCID-s1hu-g4ns-5ydy
64
vulnerability VCID-sewn-mfcw-gygm
65
vulnerability VCID-t96y-1vd2-fqe3
66
vulnerability VCID-tg7a-etmk-6fea
67
vulnerability VCID-u4y9-vrsc-wbdy
68
vulnerability VCID-ukkj-tn8u-yuab
69
vulnerability VCID-v4b9-7gb8-7kf7
70
vulnerability VCID-vq2w-pgev-f7ha
71
vulnerability VCID-vuzh-e7pz-fqgt
72
vulnerability VCID-vxvk-vwan-ukak
73
vulnerability VCID-wc2t-bbf1-mua5
74
vulnerability VCID-xmhu-nkgw-kybr
75
vulnerability VCID-yejf-124s-hqgx
76
vulnerability VCID-yr93-awkm-v7ay
77
vulnerability VCID-yy22-6ztx-67d4
78
vulnerability VCID-zv6f-cpbv-a7b7
79
vulnerability VCID-zxdc-pv4q-myb6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.6.dfsg.4~beta1-5lenny7
aliases CVE-2007-0957
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-uume-kyd8
Fixing_vulnerabilities
0
url VCID-8zt4-dzqz-n7gt
vulnerability_id VCID-8zt4-dzqz-n7gt
summary The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 20060808, it is not known whether an exploitable attack scenario exists for these issues.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3084
reference_id
reference_type
scores
0
value 0.00407
scoring_system epss
scoring_elements 0.61424
published_at 2026-06-04T12:55:00Z
1
value 0.00407
scoring_system epss
scoring_elements 0.61471
published_at 2026-06-05T12:55:00Z
2
value 0.00407
scoring_system epss
scoring_elements 0.61478
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3084
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
2
reference_url https://security.gentoo.org/glsa/200608-15
reference_id GLSA-200608-15
reference_type
scores
url https://security.gentoo.org/glsa/200608-15
3
reference_url https://security.gentoo.org/glsa/200608-21
reference_id GLSA-200608-21
reference_type
scores
url https://security.gentoo.org/glsa/200608-21
4
reference_url https://usn.ubuntu.com/334-1/
reference_id USN-334-1
reference_type
scores
url https://usn.ubuntu.com/334-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2006-3084
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zt4-dzqz-n7gt
1
url VCID-cpxe-zfxr-jqd9
vulnerability_id VCID-cpxe-zfxr-jqd9
summary Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1175.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1175
reference_id
reference_type
scores
0
value 0.45397
scoring_system epss
scoring_elements 0.97671
published_at 2026-06-04T12:55:00Z
1
value 0.45397
scoring_system epss
scoring_elements 0.97675
published_at 2026-06-05T12:55:00Z
2
value 0.45397
scoring_system epss
scoring_elements 0.97677
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1175
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1175
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617614
reference_id 1617614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617614
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318437
reference_id 318437
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318437
5
reference_url https://access.redhat.com/errata/RHSA-2005:562
reference_id RHSA-2005:562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:562
6
reference_url https://access.redhat.com/errata/RHSA-2005:567
reference_id RHSA-2005:567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:567
7
reference_url https://usn.ubuntu.com/224-1/
reference_id USN-224-1
reference_type
scores
url https://usn.ubuntu.com/224-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2005-1175
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpxe-zfxr-jqd9
2
url VCID-ft9a-w4y3-7uff
vulnerability_id VCID-ft9a-w4y3-7uff
summary The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6143.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6143
reference_id
reference_type
scores
0
value 0.2506
scoring_system epss
scoring_elements 0.96282
published_at 2026-06-04T12:55:00Z
1
value 0.2506
scoring_system epss
scoring_elements 0.96287
published_at 2026-06-05T12:55:00Z
2
value 0.2506
scoring_system epss
scoring_elements 0.96289
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6143
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
3
reference_url https://security.gentoo.org/glsa/200701-21
reference_id GLSA-200701-21
reference_type
scores
url https://security.gentoo.org/glsa/200701-21
4
reference_url https://usn.ubuntu.com/408-1/
reference_id USN-408-1
reference_type
scores
url https://usn.ubuntu.com/408-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2006-6143
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft9a-w4y3-7uff
3
url VCID-h5zh-m41x-gubx
vulnerability_id VCID-h5zh-m41x-gubx
summary MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1174.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1174
reference_id
reference_type
scores
0
value 0.40925
scoring_system epss
scoring_elements 0.97453
published_at 2026-06-04T12:55:00Z
1
value 0.40925
scoring_system epss
scoring_elements 0.9746
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1174
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1174
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1174
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617613
reference_id 1617613
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617613
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318437
reference_id 318437
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318437
5
reference_url https://access.redhat.com/errata/RHSA-2005:567
reference_id RHSA-2005:567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:567
6
reference_url https://usn.ubuntu.com/224-1/
reference_id USN-224-1
reference_type
scores
url https://usn.ubuntu.com/224-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2005-1174
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5zh-m41x-gubx
4
url VCID-kva9-fewk-pubw
vulnerability_id VCID-kva9-fewk-pubw
summary Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1689.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1689.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-1689
reference_id
reference_type
scores
0
value 0.55203
scoring_system epss
scoring_elements 0.981
published_at 2026-06-04T12:55:00Z
1
value 0.55203
scoring_system epss
scoring_elements 0.98102
published_at 2026-06-05T12:55:00Z
2
value 0.55203
scoring_system epss
scoring_elements 0.98103
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-1689
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1689
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617659
reference_id 1617659
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617659
4
reference_url https://access.redhat.com/errata/RHSA-2005:562
reference_id RHSA-2005:562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:562
5
reference_url https://access.redhat.com/errata/RHSA-2005:567
reference_id RHSA-2005:567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:567
6
reference_url https://usn.ubuntu.com/224-1/
reference_id USN-224-1
reference_type
scores
url https://usn.ubuntu.com/224-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2005-1689
risk_score 0.2
exploitability 0.5
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kva9-fewk-pubw
5
url VCID-vd2y-dd7j-abdm
vulnerability_id VCID-vd2y-dd7j-abdm
summary The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3083.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3083.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-3083
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21709
published_at 2026-06-04T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21787
published_at 2026-06-05T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21775
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-3083
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618134
reference_id 1618134
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618134
4
reference_url https://security.gentoo.org/glsa/200608-15
reference_id GLSA-200608-15
reference_type
scores
url https://security.gentoo.org/glsa/200608-15
5
reference_url https://security.gentoo.org/glsa/200608-21
reference_id GLSA-200608-21
reference_type
scores
url https://security.gentoo.org/glsa/200608-21
6
reference_url https://access.redhat.com/errata/RHSA-2006:0612
reference_id RHSA-2006:0612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0612
7
reference_url https://usn.ubuntu.com/334-1/
reference_id USN-334-1
reference_type
scores
url https://usn.ubuntu.com/334-1/
fixed_packages
0
url pkg:deb/debian/krb5@1.4.4-7etch1
purl pkg:deb/debian/krb5@1.4.4-7etch1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11jm-yxbs-1kfj
1
vulnerability VCID-1nn6-mr7d-wyhk
2
vulnerability VCID-1sfq-jfju-2uh8
3
vulnerability VCID-1sps-s2a3-wbad
4
vulnerability VCID-1u82-w13p-cfbk
5
vulnerability VCID-2674-wgen-1qbk
6
vulnerability VCID-2ca9-q5cr-guep
7
vulnerability VCID-2dct-5xex-6bhn
8
vulnerability VCID-2pmt-wrh2-kqgp
9
vulnerability VCID-2tn3-dfqx-5yc9
10
vulnerability VCID-2ud2-gzrr-8bb9
11
vulnerability VCID-3d22-kr2u-tuck
12
vulnerability VCID-3df1-58jr-e7gv
13
vulnerability VCID-3jcm-y59r-47a5
14
vulnerability VCID-3tas-mucv-aufk
15
vulnerability VCID-42rr-7ajf-eqg7
16
vulnerability VCID-4mm3-t6eu-4qde
17
vulnerability VCID-53pj-pwxv-qqhv
18
vulnerability VCID-56jv-ftkh-e7bg
19
vulnerability VCID-596a-s3un-vbbc
20
vulnerability VCID-5jja-ssqm-skhu
21
vulnerability VCID-5thq-ff3f-h7f6
22
vulnerability VCID-66wn-48ee-8qd8
23
vulnerability VCID-6jnk-3rfw-nkh8
24
vulnerability VCID-7azb-3ws6-mbh8
25
vulnerability VCID-7ey4-ge6f-9uct
26
vulnerability VCID-7wnb-bhuv-tycp
27
vulnerability VCID-7wvx-d25a-dkfc
28
vulnerability VCID-7yu5-qag8-23cf
29
vulnerability VCID-8fxt-3wg4-dkbb
30
vulnerability VCID-9axv-m7xk-quax
31
vulnerability VCID-a4cc-w95t-8fh6
32
vulnerability VCID-at3s-18x4-n7e2
33
vulnerability VCID-b6a9-hnjx-c3gk
34
vulnerability VCID-bdmc-p544-bfg9
35
vulnerability VCID-bg27-2hv6-m7cx
36
vulnerability VCID-bkdg-dybz-t3fy
37
vulnerability VCID-bkqm-d2bp-f7fe
38
vulnerability VCID-c2t4-3vdu-wqf1
39
vulnerability VCID-c3qw-eazy-nyer
40
vulnerability VCID-c5ev-cgh8-3kda
41
vulnerability VCID-c5he-57zg-fybc
42
vulnerability VCID-ce17-bbd4-tyc1
43
vulnerability VCID-d2qf-r6jd-r3c7
44
vulnerability VCID-d42v-zwu4-a3ge
45
vulnerability VCID-d53g-faqf-gfdp
46
vulnerability VCID-dbaq-qjd2-d7c9
47
vulnerability VCID-e1xu-a882-s3ga
48
vulnerability VCID-ekzs-tuvp-ybfq
49
vulnerability VCID-esm3-3qwz-cud2
50
vulnerability VCID-ezm2-e8zw-g7dg
51
vulnerability VCID-f343-u3jt-pkfy
52
vulnerability VCID-f72c-txrr-ukga
53
vulnerability VCID-fcy5-mv1a-n7dh
54
vulnerability VCID-fvfb-k9ar-93eu
55
vulnerability VCID-g9nw-c9d1-a3er
56
vulnerability VCID-h23e-nhyz-8uda
57
vulnerability VCID-hre7-pp7p-13fs
58
vulnerability VCID-husp-fm64-nfa9
59
vulnerability VCID-j145-f5mp-xkeq
60
vulnerability VCID-j6qa-q1h1-3uaq
61
vulnerability VCID-jbf6-vrjc-syg1
62
vulnerability VCID-jbkg-zyb4-ybdc
63
vulnerability VCID-jfhc-x8j6-yuab
64
vulnerability VCID-ksar-xuza-8kg7
65
vulnerability VCID-kszc-uv1w-syb1
66
vulnerability VCID-ktuq-s8bz-1qam
67
vulnerability VCID-kwy5-x7m9-4qgt
68
vulnerability VCID-m9pf-r95d-4qbx
69
vulnerability VCID-mbrk-dkua-uyeq
70
vulnerability VCID-ny7t-pkm8-2fb4
71
vulnerability VCID-pbeh-n41k-s7au
72
vulnerability VCID-phbg-1ygq-9qb6
73
vulnerability VCID-pj93-uzpy-3bg1
74
vulnerability VCID-pq2d-33kw-ayb7
75
vulnerability VCID-py4d-vrgu-5ueu
76
vulnerability VCID-rgc3-hzw1-3bcp
77
vulnerability VCID-s1hu-g4ns-5ydy
78
vulnerability VCID-sewn-mfcw-gygm
79
vulnerability VCID-t96y-1vd2-fqe3
80
vulnerability VCID-tg7a-etmk-6fea
81
vulnerability VCID-u4y9-vrsc-wbdy
82
vulnerability VCID-ukkj-tn8u-yuab
83
vulnerability VCID-v4b9-7gb8-7kf7
84
vulnerability VCID-vq2w-pgev-f7ha
85
vulnerability VCID-vuzh-e7pz-fqgt
86
vulnerability VCID-vxvk-vwan-ukak
87
vulnerability VCID-wc2t-bbf1-mua5
88
vulnerability VCID-xmhu-nkgw-kybr
89
vulnerability VCID-yejf-124s-hqgx
90
vulnerability VCID-yr93-awkm-v7ay
91
vulnerability VCID-yy22-6ztx-67d4
92
vulnerability VCID-zca5-fvv5-6yeq
93
vulnerability VCID-zqek-558r-wqf8
94
vulnerability VCID-zv6f-cpbv-a7b7
95
vulnerability VCID-zxdc-pv4q-myb6
96
vulnerability VCID-zzy2-uume-kyd8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1
aliases CVE-2006-3083
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vd2y-dd7j-abdm
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/krb5@1.4.4-7etch1