samba vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the samba package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • C
Directory Traversal

<2:4.17.12+dfsg-0+deb12u1
  • M
Out-of-bounds Write

<2:4.17.12+dfsg-0+deb12u1
  • M
Incorrect Default Permissions

<2:4.17.12+dfsg-0+deb12u1
  • M
CVE-2023-42670

<2:4.17.12+dfsg-0+deb12u1
  • M
CVE-2023-42669

<2:4.17.12+dfsg-0+deb12u1
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<2:4.17.10+dfsg-0+deb12u1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:4.17.10+dfsg-0+deb12u1
  • M
Information Exposure

<2:4.17.10+dfsg-0+deb12u1
  • M
Improper Verification of Cryptographic Signature

<2:4.17.10+dfsg-0+deb12u1
  • M
Out-of-bounds Read

<2:4.17.10+dfsg-0+deb12u1
  • H
Access Restriction Bypass

<2:4.17.8+dfsg-1
  • M
Cleartext Transmission of Sensitive Information

<2:4.17.7+dfsg-1
  • M
Incorrect Permission Assignment for Critical Resource

<2:4.17.7+dfsg-1
  • M
Cleartext Storage of Sensitive Information

<2:4.17.7+dfsg-1
  • L
Missing Authorization

*
  • H
CVE-2022-37967

<2:4.17.4+dfsg-1
  • H
CVE-2022-38023

<2:4.17.4+dfsg-1
  • C
Inadequate Encryption Strength

<2:4.16.0+dfsg-2
  • H
CVE-2022-37966

<2:4.17.4+dfsg-1
  • H
Integer Overflow or Wraparound

<2:4.17.3+dfsg-1
  • C
CVE-2022-44640

<2:4.17.4+dfsg-1
  • M
Heap-based Buffer Overflow

<2:4.16.6+dfsg-1
  • M
Race Condition

<2:4.17.2+dfsg-3
  • M
Use of Insufficiently Random Values

<2:4.16.5+dfsg-2
  • H
Incorrect Default Permissions

<2:4.17.2+dfsg-3
  • H
Improper Authentication

<2:4.16.4+dfsg-1
  • M
Use After Free

<2:4.16.4+dfsg-1
  • H
Authentication Bypass

<2:4.16.4+dfsg-1
  • H
Out-of-bounds Read

<2:4.16.4+dfsg-1
  • M
CVE-2022-32742

<2:4.16.4+dfsg-1
  • M
CVE-2021-3670

<2:4.16.0+dfsg-2
  • M
Link Following

<2:4.16.0+dfsg-2
  • H
Out-of-bounds Read

<2:4.16.0+dfsg-2
  • H
Incorrect Default Permissions

<2:4.16.0+dfsg-2
  • M
Race Condition

<2:4.16.0+dfsg-2
  • L
Race Condition

<2:4.16.0+dfsg-2
  • H
Improper Input Validation

<2:4.13.14+dfsg-1
  • H
Incorrect Authorization

<2:4.13.14+dfsg-1
  • H
CVE-2021-23192

<2:4.13.14+dfsg-1
  • H
Missing Authorization

<2:4.13.14+dfsg-1
  • H
Use After Free

<2:4.13.14+dfsg-1
  • H
Improper Input Validation

<2:4.13.14+dfsg-1
  • H
Race Condition

<2:4.13.14+dfsg-1
  • M
Improper Authentication

<2:4.13.14+dfsg-1
  • M
NULL Pointer Dereference

<2:4.13.13+dfsg-1
  • M
Out-of-bounds Read

<2:4.13.5+dfsg-2
  • L
Out-of-bounds Read

<2:4.13.13+dfsg-1
  • L
Out-of-bounds Read

<2:4.13.13+dfsg-1
  • M
CVE-2020-14383

<2:4.13.2+dfsg-2
  • M
NULL Pointer Dereference

<2:4.13.2+dfsg-2
  • M
Incorrect Privilege Assignment

<2:4.13.2+dfsg-2
  • M
Improper Privilege Management

<2:4.13.2+dfsg-2
  • H
Improper Input Validation

<2:4.12.5+dfsg-1
  • M
NULL Pointer Dereference

<2:4.12.5+dfsg-1
  • H
Resource Exhaustion

<2:4.12.5+dfsg-1
  • M
Use After Free

<2:4.12.5+dfsg-1
  • H
Buffer Overflow

<2:4.12.3+dfsg-2
  • M
Use After Free

<2:4.12.3+dfsg-2
  • M
Use After Free

<2:4.11.5+dfsg-1
  • M
CVE-2019-14902

<2:4.11.5+dfsg-1
  • M
Out-of-bounds Read

<2:4.11.5+dfsg-1
  • M
Improper Authentication

<2:4.11.3+dfsg-1
  • M
Incorrect Default Permissions

<2:4.11.3+dfsg-1
  • M
Directory Traversal

<2:4.11.1+dfsg-2
  • M
Weak Password Requirements

<2:4.11.1+dfsg-2
  • M
NULL Pointer Dereference

<2:4.11.0+dfsg-6
  • C
Directory Traversal

<2:4.9.13+dfsg-1
  • M
NULL Pointer Dereference

<2:4.9.5+dfsg-5
  • H
Improperly Implemented Security Check for Standard

<2:4.9.5+dfsg-4
  • M
Incorrect Default Permissions

<2:4.9.5+dfsg-3
  • M
Directory Traversal

<2:4.9.5+dfsg-3
  • L
Out-of-bounds Read

<2:4.9.5+dfsg-1
  • M
Improperly Implemented Security Check for Standard

<2:4.9.2+dfsg-2
  • L
Resource Exhaustion

<2:4.9.2+dfsg-2
  • M
Double Free

<2:4.9.2+dfsg-2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:4.9.2+dfsg-2
  • M
NULL Pointer Dereference

<2:4.9.2+dfsg-2
  • M
NULL Pointer Dereference

<2:4.9.2+dfsg-2
  • M
Improper Input Validation

<2:4.8.4+dfsg-1
  • M
Information Exposure

<2:4.8.4+dfsg-1
  • H
Insufficiently Protected Credentials

<2:4.8.4+dfsg-1
  • H
Out-of-Bounds

<2:4.8.4+dfsg-1
  • M
NULL Pointer Dereference

<2:4.8.4+dfsg-1
  • H
Out-of-Bounds

<2:4.5.2+dfsg-2
  • M
Improper Input Validation

<2:4.5.2+dfsg-2
  • H
Cryptographic Issues

<2:4.6.7+dfsg-2
  • H
CVE-2017-12150

<2:4.6.7+dfsg-2
  • H
Information Exposure

<2:4.6.7+dfsg-2
  • L
Race Condition

<2:3.4.7~dfsg-2
  • M
NULL Pointer Dereference

<2:4.7.4+dfsg-2
  • H
Incorrect Authorization

<2:4.7.4+dfsg-2
  • H
Race Condition

<2:4.5.6+dfsg-2
  • H
Out-of-Bounds

<2:4.7.1+dfsg-2
  • C
Use After Free

<2:4.7.1+dfsg-2
  • H
Insufficient Verification of Data Authenticity

<2:4.6.5+dfsg-4
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:4.5.6+dfsg-1
  • C
Arbitrary Code Injection

<2:4.5.8+dfsg-2
  • M
Access Restriction Bypass

<2:4.5.2+dfsg-2
  • H
Improper Access Control

<2:4.4.5+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • H
Cryptographic Issues

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
CVE-2015-5370

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • M
Security Features

<2:4.3.7+dfsg-1
  • H
Security Features

<2:4.3.7+dfsg-1
  • M
Out-of-Bounds

<2:4.3.6+dfsg-1
  • M
Improper Access Control

<2:4.3.6+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.22+dfsg-1
  • H
Information Exposure

<2:4.1.22+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.22+dfsg-1
  • M
Numeric Errors

<2:4.1.22+dfsg-1
  • H
Resource Management Errors

<2:4.1.22+dfsg-1
  • M
Information Exposure

<2:4.1.22+dfsg-1
  • M
Improper Input Validation

<2:4.1.22+dfsg-1
  • C
Code

<2:4.1.17+dfsg-1
  • H
Access Restriction Bypass

<2:4.1.17+dfsg-1
  • H
Arbitrary Code Injection

<2:4.1.11+dfsg-1
  • M
Improper Input Validation

<2:4.1.9+dfsg-1
  • L
Out-of-Bounds

<2:4.1.9+dfsg-1
  • M
Improper Input Validation

<2:4.1.8+dfsg-1
  • L
CVE-2014-0178

<2:4.1.8+dfsg-1
  • L
Credentials Management

<2:4.1.6+dfsg-1
  • L
Access Restriction Bypass

<2:4.1.6+dfsg-1
  • H
Out-of-Bounds

<2:4.0.13+dfsg-1
  • L
Improper Input Validation

<2:4.0.13+dfsg-1
  • L
Cryptographic Issues

<2:4.0.11+dfsg-1
  • L
Access Restriction Bypass

<2:4.0.11+dfsg-1
  • L
Numeric Errors

<2:3.6.17-1
  • M
Access Restriction Bypass

<2:3.6.6-1
  • M
Cross-site Request Forgery (CSRF)

<2:3.6.6-5
  • M
Improper Input Validation

<2:3.6.6-5
  • M
Access Restriction Bypass

<2:3.6.5-1
  • C
Numeric Errors

<2:3.6.4-1
  • H
Out-of-Bounds

<2:3.4.0~pre1-1
  • L
Information Exposure

<2:3.6.3-1
  • L
Improper Input Validation

<2:3.4.7~dfsg-2
  • L
Cross-site Request Forgery (CSRF)

<2:3.5.10~dfsg-1
  • L
Cross-site Scripting (XSS)

<2:3.5.10~dfsg-1
  • L
Improper Input Validation

<2:3.4.7~dfsg-2
  • M
Out-of-Bounds

<2:3.5.7~dfsg-1
  • H
Out-of-Bounds

<2:3.5.5~dfsg-1
  • H
Out-of-Bounds

<2:3.4.0~pre1-1
  • L
CVE-2010-1635

<2:3.6.1-2
  • L
Out-of-Bounds

<2:3.5.4~dfsg-2
  • L
Directory Traversal

<2:3.4.6~dfsg-1
  • H
Access Restriction Bypass

<2:3.4.7~dfsg-1
  • M
Link Following

<2:3.4.5~dfsg-2
  • M
Improper Input Validation

<2:3.4.5~dfsg-2
  • M
Access Restriction Bypass

<2:3.4.2-1
  • L
CVE-2009-2906

<2:3.4.2-1
  • M
Access Restriction Bypass

<2:3.4.2-1
  • H
Use of Externally-Controlled Format String

<2:3.3.6-1
  • L
Access Restriction Bypass

<2:3.3.6-1
  • M
Improper Input Validation

<2:3.2.5-3
  • H
Information Exposure

<2:3.2.5-1
  • M
Access Restriction Bypass

<2:3.2.3-1
  • M
Out-of-Bounds

<1:3.0.30-1
  • H
Out-of-Bounds

<3.0.28-1
  • H
Out-of-Bounds

<3.0.27-1
  • H
Out-of-Bounds

<3.0.27-1
  • H
Access Restriction Bypass

<3.0.26-1
  • H
CVE-2007-2444

<3.0.25-1
  • H
Out-of-Bounds

<3.0.25-1
  • H
CVE-2007-2447

<3.0.25-1
  • L
CVE-2007-0452

<3.0.23d-5
  • M
Use of Externally-Controlled Format String

<3.0.23d-5
  • M
CVE-2006-3403

<3.0.23a-1
  • L
CVE-2006-1059

<3.0.22-1
  • C
CVE-2004-0882

<3.0.7
  • M
CVE-2004-0930

<3.0.8-1
  • C
CVE-2004-1154

<3.0.10-1
  • M
CVE-2004-2546

<3.0.6-1
  • M
CVE-2004-0829

<2.2.11
  • M
CVE-2004-0808

<3.0.7
  • H
CVE-2004-0815

<3.0.6-1
  • M
CVE-2004-0807

<3.0.7
  • M
CVE-2004-0686

<3.0.5
  • C
CVE-2004-0600

<3.0.5
  • H
CVE-2004-0186

<3.0.2-2
  • H
CVE-2004-0082

<3.0.7
  • C
CVE-2003-0201

<3.0
  • C
CVE-2003-0196

<3.0
  • L
CVE-2003-0086

<2.2.8
  • C
CVE-2003-0085

<2.2.8
  • H
Out-of-Bounds

<2.2.5
  • C
CVE-2002-1318

<2.2.7