samba vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the samba package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M CVE-2021-3670	*
M Link Following	*
H Out-of-bounds Read	*
H Incorrect Default Permissions	*
M Race Condition	*
L Race Condition	*
H Improper Input Validation	*
H Incorrect Authorization	*
H Missing Authorization	*
H Use After Free	*
H Improper Input Validation	*
H Race Condition	*
M Improper Authentication	*
L NULL Pointer Dereference	*
M Out-of-bounds Read	<2:4.5.16+dfsg-1+deb9u4
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M CVE-2020-14383	<2:4.5.16+dfsg-1+deb9u3
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u3
M Incorrect Privilege Assignment	<2:4.5.16+dfsg-1+deb9u3
M Improper Privilege Management	<2:4.5.16+dfsg-1+deb9u3
H Improper Input Validation	<2:4.5.16+dfsg-1+deb9u3
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u3
H Resource Exhaustion	<2:4.5.16+dfsg-1+deb9u3
M Use After Free	<2:4.5.16+dfsg-1+deb9u3
H Buffer Overflow	<2:4.5.16+dfsg-1+deb9u3
M CVE-2019-14902	<2:4.5.16+dfsg-1+deb9u4
M Out-of-bounds Read	<2:4.5.16+dfsg-1+deb9u4
M Improper Authentication	<2:4.5.16+dfsg-1+deb9u4
M Incorrect Default Permissions	<2:4.5.16+dfsg-1+deb9u4
M Directory Traversal	<2:4.5.16+dfsg-1+deb9u4
M Weak Password Requirements	<2:4.5.16+dfsg-1+deb9u4
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u4
H Improperly Implemented Security Check for Standard	<2:4.5.16+dfsg-1+deb9u2
M Directory Traversal	<2:4.5.16+dfsg-1+deb9u1
L Out-of-bounds Read	*
M Double Free	<2:4.5.12+dfsg-2+deb9u4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2:4.5.12+dfsg-2+deb9u4
M NULL Pointer Dereference	<2:4.5.12+dfsg-2+deb9u4
M Information Exposure	<2:4.5.12+dfsg-2+deb9u3
H Out-of-Bounds	<2:4.5.12+dfsg-2+deb9u3
H Out-of-Bounds	<2:4.5.2+dfsg-2
M Improper Input Validation	<2:4.5.2+dfsg-2
H Cryptographic Issues	<2:4.5.8+dfsg-2+deb9u2
H CVE-2017-12150	<2:4.5.8+dfsg-2+deb9u2
H Information Exposure	<2:4.5.8+dfsg-2+deb9u2
L Race Condition	<2:3.4.7~dfsg-2
H Incorrect Authorization	<2:4.5.12+dfsg-2+deb9u2
M NULL Pointer Dereference	<2:4.5.12+dfsg-2+deb9u2
H Race Condition	<2:4.5.6+dfsg-2
H Out-of-Bounds	<2:4.5.12+dfsg-2+deb9u1
C Use After Free	<2:4.5.12+dfsg-2+deb9u1
H Insufficient Verification of Data Authenticity	<2:4.5.8+dfsg-2+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2:4.5.6+dfsg-1
C Arbitrary Code Injection	<2:4.5.8+dfsg-2
M Access Restriction Bypass	<2:4.5.2+dfsg-2
H Improper Access Control	<2:4.4.5+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M CVE-2015-5370	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
H Cryptographic Issues	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
H Security Features	<2:4.3.7+dfsg-1
M Improper Access Control	<2:4.3.6+dfsg-1
M Out-of-Bounds	<2:4.3.6+dfsg-1
H Access Restriction Bypass	<2:4.1.22+dfsg-1
H Access Restriction Bypass	<2:4.1.22+dfsg-1
M Information Exposure	<2:4.1.22+dfsg-1
H Information Exposure	<2:4.1.22+dfsg-1
H Resource Management Errors	<2:4.1.22+dfsg-1
M Numeric Errors	<2:4.1.22+dfsg-1
M Improper Input Validation	<2:4.1.22+dfsg-1
C Code	<2:4.1.17+dfsg-1
H Access Restriction Bypass	<2:4.1.17+dfsg-1
H Arbitrary Code Injection	<2:4.1.11+dfsg-1
M Improper Input Validation	<2:4.1.9+dfsg-1
L Out-of-Bounds	<2:4.1.9+dfsg-1
M Improper Input Validation	<2:4.1.8+dfsg-1
L CVE-2014-0178	<2:4.1.8+dfsg-1
L Credentials Management	<2:4.1.6+dfsg-1
L Access Restriction Bypass	<2:4.1.6+dfsg-1
H Out-of-Bounds	<2:4.0.13+dfsg-1
L Improper Input Validation	<2:4.0.13+dfsg-1
L Access Restriction Bypass	<2:4.0.11+dfsg-1
L Cryptographic Issues	<2:4.0.11+dfsg-1
L Numeric Errors	<2:3.6.17-1
M Access Restriction Bypass	<2:3.6.6-1
M Improper Input Validation	<2:3.6.6-5
M Cross-site Request Forgery (CSRF)	<2:3.6.6-5
M Access Restriction Bypass	<2:3.6.5-1
C Numeric Errors	<2:3.6.4-1
H Out-of-Bounds	<2:3.4.0~pre1-1
L Information Exposure	<2:3.6.3-1
L Improper Input Validation	<2:3.4.7~dfsg-2
L Cross-site Request Forgery (CSRF)	<2:3.5.10~dfsg-1
L Cross-site Scripting (XSS)	<2:3.5.10~dfsg-1
L Improper Input Validation	<2:3.4.7~dfsg-2
M Out-of-Bounds	<2:3.5.7~dfsg-1
H Out-of-Bounds	<2:3.5.5~dfsg-1
H Out-of-Bounds	<2:3.4.0~pre1-1
L Out-of-Bounds	<2:3.5.4~dfsg-2
L CVE-2010-1635	<2:3.6.1-2
H Access Restriction Bypass	<2:3.4.7~dfsg-1
L Directory Traversal	<2:3.4.6~dfsg-1
M Link Following	<2:3.4.5~dfsg-2
M Improper Input Validation	<2:3.4.5~dfsg-2
L CVE-2009-2906	<2:3.4.2-1
M Access Restriction Bypass	<2:3.4.2-1
M Access Restriction Bypass	<2:3.4.2-1
L Access Restriction Bypass	<2:3.3.6-1
H Use of Externally-Controlled Format String	<2:3.3.6-1
M Improper Input Validation	<2:3.2.5-3
H Information Exposure	<2:3.2.5-1
M Access Restriction Bypass	<2:3.2.3-1
M Out-of-Bounds	<1:3.0.30-1
H Out-of-Bounds	<3.0.28-1
H Out-of-Bounds	<3.0.27-1
H Out-of-Bounds	<3.0.27-1
H Access Restriction Bypass	<3.0.26-1
H CVE-2007-2447	<3.0.25-1
H CVE-2007-2444	<3.0.25-1
H Out-of-Bounds	<3.0.25-1
M Use of Externally-Controlled Format String	<3.0.23d-5
L CVE-2007-0452	<3.0.23d-5
M CVE-2006-3403	<3.0.23a-1
L CVE-2006-1059	<3.0.22-1
M CVE-2004-0930	<3.0.8-1
C CVE-2004-0882	<3.0.7
C CVE-2004-1154	<3.0.10-1
M CVE-2004-0829	<2.2.11
M CVE-2004-0808	<3.0.7
M CVE-2004-2546	<3.0.6-1
H CVE-2004-0815	<3.0.6-1
M CVE-2004-0807	<3.0.7
M CVE-2004-0686	<3.0.5
C CVE-2004-0600	<3.0.5
H CVE-2004-0186	<3.0.2-2
H CVE-2004-0082	<3.0.7
C CVE-2003-0201	<3.0
C CVE-2003-0196	<3.0
L CVE-2003-0086	<2.2.8
C CVE-2003-0085	<2.2.8
H Out-of-Bounds	<2.2.5
C CVE-2002-1318	<2.2.7

Vulnerability

Vulnerable Version

CVE-2021-3670