samba vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the samba package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Out-of-bounds Write

*
  • M
Incorrect Default Permissions

<2:4.9.5+dfsg-5+deb10u5
  • M
CVE-2023-42669

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Information Exposure

*
  • M
Out-of-bounds Read

<2:4.9.5+dfsg-5+deb10u5
  • H
Access Restriction Bypass

*
  • M
Cleartext Transmission of Sensitive Information

*
  • M
Incorrect Permission Assignment for Critical Resource

*
  • M
Cleartext Storage of Sensitive Information

*
  • M
Missing Authorization

*
  • H
CVE-2022-37967

*
  • H
CVE-2022-38023

*
  • C
Inadequate Encryption Strength

*
  • H
CVE-2022-37966

*
  • H
Integer Overflow or Wraparound

*
  • C
CVE-2022-44640

*
  • M
Heap-based Buffer Overflow

<2:4.9.5+dfsg-5+deb10u5
  • M
Race Condition

*
  • H
Incorrect Default Permissions

*
  • L
Improper Authentication

*
  • L
Use After Free

*
  • L
Authentication Bypass

*
  • M
CVE-2022-32742

<2:4.9.5+dfsg-5+deb10u5
  • L
CVE-2021-3670

*
  • L
Link Following

*
  • H
Out-of-bounds Read

<2:4.9.5+dfsg-5+deb10u3
  • L
Incorrect Default Permissions

*
  • L
Race Condition

*
  • L
Race Condition

*
  • H
Improper Input Validation

<2:4.9.5+dfsg-5+deb10u2
  • H
Incorrect Authorization

*
  • H
Missing Authorization

*
  • H
Use After Free

*
  • H
Improper Input Validation

*
  • H
Race Condition

*
  • M
Improper Authentication

<2:4.9.5+dfsg-5+deb10u4
  • M
NULL Pointer Dereference

*
  • L
Out-of-bounds Read

*
  • L
Out-of-bounds Read

*
  • L
Out-of-bounds Read

*
  • M
CVE-2020-14383

<2:4.9.5+dfsg-5+deb10u5
  • M
NULL Pointer Dereference

<2:4.9.5+dfsg-5+deb10u5
  • M
Incorrect Privilege Assignment

<2:4.9.5+dfsg-5+deb10u5
  • M
Improper Privilege Management

*
  • L
Improper Input Validation

*
  • L
NULL Pointer Dereference

*
  • L
Resource Exhaustion

*
  • L
Use After Free

*
  • H
Buffer Overflow

*
  • M
Use After Free

<2:4.9.5+dfsg-5+deb10u4
  • M
CVE-2019-14902

<2:4.9.5+dfsg-5+deb10u4
  • M
Out-of-bounds Read

<2:4.9.5+dfsg-5+deb10u4
  • M
Improper Authentication

*
  • M
Incorrect Default Permissions

*
  • M
Directory Traversal

<2:4.9.5+dfsg-5+deb10u4
  • M
Weak Password Requirements

<2:4.9.5+dfsg-5+deb10u4
  • M
NULL Pointer Dereference

<2:4.9.5+dfsg-5+deb10u4
  • C
Directory Traversal

<2:4.9.5+dfsg-5+deb10u1
  • M
NULL Pointer Dereference

<2:4.9.5+dfsg-5
  • H
Improperly Implemented Security Check for Standard

<2:4.9.5+dfsg-4
  • M
Incorrect Default Permissions

<2:4.9.5+dfsg-3
  • M
Directory Traversal

<2:4.9.5+dfsg-3
  • L
Out-of-bounds Read

<2:4.9.5+dfsg-1
  • L
Resource Exhaustion

<2:4.9.2+dfsg-2
  • M
Improperly Implemented Security Check for Standard

<2:4.9.2+dfsg-2
  • M
Double Free

<2:4.9.2+dfsg-2
  • M
NULL Pointer Dereference

<2:4.9.2+dfsg-2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:4.9.2+dfsg-2
  • M
NULL Pointer Dereference

<2:4.9.2+dfsg-2
  • M
Improper Input Validation

<2:4.8.4+dfsg-1
  • M
Information Exposure

<2:4.8.4+dfsg-1
  • H
Insufficiently Protected Credentials

<2:4.8.4+dfsg-1
  • H
Out-of-Bounds

<2:4.8.4+dfsg-1
  • M
NULL Pointer Dereference

<2:4.8.4+dfsg-1
  • H
Out-of-Bounds

<2:4.5.2+dfsg-2
  • M
Improper Input Validation

<2:4.5.2+dfsg-2
  • H
Cryptographic Issues

<2:4.6.7+dfsg-2
  • H
CVE-2017-12150

<2:4.6.7+dfsg-2
  • H
Information Exposure

<2:4.6.7+dfsg-2
  • L
Race Condition

<2:3.4.7~dfsg-2
  • H
Incorrect Authorization

<2:4.7.4+dfsg-2
  • M
NULL Pointer Dereference

<2:4.7.4+dfsg-2
  • H
Race Condition

<2:4.5.6+dfsg-2
  • C
Use After Free

<2:4.7.1+dfsg-2
  • H
Out-of-Bounds

<2:4.7.1+dfsg-2
  • H
Insufficient Verification of Data Authenticity

<2:4.6.5+dfsg-4
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:4.5.6+dfsg-1
  • C
Arbitrary Code Injection

<2:4.5.8+dfsg-2
  • M
Access Restriction Bypass

<2:4.5.2+dfsg-2
  • H
Improper Access Control

<2:4.4.5+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
CVE-2015-5370

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • H
Cryptographic Issues

<2:4.3.7+dfsg-1
  • H
Security Features

<2:4.3.7+dfsg-1
  • M
Out-of-Bounds

<2:4.3.6+dfsg-1
  • M
Improper Access Control

<2:4.3.6+dfsg-1
  • M
Numeric Errors

<2:4.1.22+dfsg-1
  • M
Information Exposure

<2:4.1.22+dfsg-1
  • H
Information Exposure

<2:4.1.22+dfsg-1
  • H
Resource Management Errors

<2:4.1.22+dfsg-1
  • M
Improper Input Validation

<2:4.1.22+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.22+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.22+dfsg-1
  • C
Code

<2:4.1.17+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.17+dfsg-1
  • H
Arbitrary Code Injection

<2:4.1.11+dfsg-1
  • M
Improper Input Validation

<2:4.1.9+dfsg-1
  • L
Out-of-Bounds

<2:4.1.9+dfsg-1
  • M
Improper Input Validation

<2:4.1.8+dfsg-1
  • L
CVE-2014-0178

<2:4.1.8+dfsg-1
  • L
Credentials Management

<2:4.1.6+dfsg-1
  • L
Access Restriction Bypass

<2:4.1.6+dfsg-1
  • H
Out-of-Bounds

<2:4.0.13+dfsg-1
  • L
Improper Input Validation

<2:4.0.13+dfsg-1
  • L
Cryptographic Issues

<2:4.0.11+dfsg-1
  • L
Access Restriction Bypass

<2:4.0.11+dfsg-1
  • L
Numeric Errors

<2:3.6.17-1
  • M
Access Restriction Bypass

<2:3.6.6-1
  • M
Cross-site Request Forgery (CSRF)

<2:3.6.6-5
  • M
Improper Input Validation

<2:3.6.6-5
  • M
Access Restriction Bypass

<2:3.6.5-1
  • C
Numeric Errors

<2:3.6.4-1
  • H
Out-of-Bounds

<2:3.4.0~pre1-1
  • L
Information Exposure

<2:3.6.3-1
  • L
Improper Input Validation

<2:3.4.7~dfsg-2
  • L
Cross-site Request Forgery (CSRF)

<2:3.5.10~dfsg-1
  • L
Cross-site Scripting (XSS)

<2:3.5.10~dfsg-1
  • L
Improper Input Validation

<2:3.4.7~dfsg-2
  • M
Out-of-Bounds

<2:3.5.7~dfsg-1
  • H
Out-of-Bounds

<2:3.5.5~dfsg-1
  • L
CVE-2010-1635

<2:3.6.1-2
  • H
Out-of-Bounds

<2:3.4.0~pre1-1
  • L
Out-of-Bounds

<2:3.5.4~dfsg-2
  • H
Access Restriction Bypass

<2:3.4.7~dfsg-1
  • L
Directory Traversal

<2:3.4.6~dfsg-1
  • M
Link Following

<2:3.4.5~dfsg-2
  • M
Improper Input Validation

<2:3.4.5~dfsg-2
  • L
CVE-2009-2906

<2:3.4.2-1
  • M
Access Restriction Bypass

<2:3.4.2-1
  • M
Access Restriction Bypass

<2:3.4.2-1
  • H
Use of Externally-Controlled Format String

<2:3.3.6-1
  • L
Access Restriction Bypass

<2:3.3.6-1
  • M
Improper Input Validation

<2:3.2.5-3
  • H
Information Exposure

<2:3.2.5-1
  • M
Access Restriction Bypass

<2:3.2.3-1
  • M
Out-of-Bounds

<1:3.0.30-1
  • H
Out-of-Bounds

<3.0.28-1
  • H
Out-of-Bounds

<3.0.27-1
  • H
Out-of-Bounds

<3.0.27-1
  • H
Access Restriction Bypass

<3.0.26-1
  • H
CVE-2007-2447

<3.0.25-1
  • H
Out-of-Bounds

<3.0.25-1
  • H
CVE-2007-2444

<3.0.25-1
  • L
CVE-2007-0452

<3.0.23d-5
  • M
Use of Externally-Controlled Format String

<3.0.23d-5
  • M
CVE-2006-3403

<3.0.23a-1
  • L
CVE-2006-1059

<3.0.22-1
  • M
CVE-2004-0930

<3.0.8-1
  • C
CVE-2004-0882

<3.0.7
  • C
CVE-2004-1154

<3.0.10-1
  • M
CVE-2004-2546

<3.0.6-1
  • M
CVE-2004-0808

<3.0.7
  • M
CVE-2004-0829

<2.2.11
  • H
CVE-2004-0815

<3.0.6-1
  • M
CVE-2004-0807

<3.0.7
  • C
CVE-2004-0600

<3.0.5
  • M
CVE-2004-0686

<3.0.5
  • H
CVE-2004-0186

<3.0.2-2
  • H
CVE-2004-0082

<3.0.7
  • C
CVE-2003-0201

<3.0
  • C
CVE-2003-0196

<3.0
  • L
CVE-2003-0086

<2.2.8
  • C
CVE-2003-0085

<2.2.8
  • H
Out-of-Bounds

<2.2.5
  • C
CVE-2002-1318

<2.2.7