samba vulnerabilities

Known vulnerabilities in the samba package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M CVE-2021-3670	*
M Link Following	*
H Out-of-bounds Read	*
H Incorrect Default Permissions	*
M Race Condition	*
L Race Condition	*
H Improper Input Validation	*
H Incorrect Authorization	*
H Missing Authorization	*
H Use After Free	*
H Improper Input Validation	*
H Race Condition	*
M Improper Authentication	*
L NULL Pointer Dereference	*
M Out-of-bounds Read	<2:4.5.16+dfsg-1+deb9u4
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M CVE-2020-14383	<2:4.5.16+dfsg-1+deb9u3
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u3
M Incorrect Privilege Assignment	<2:4.5.16+dfsg-1+deb9u3
M Improper Privilege Management	<2:4.5.16+dfsg-1+deb9u3
H Improper Input Validation	<2:4.5.16+dfsg-1+deb9u3
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u3
H Resource Exhaustion	<2:4.5.16+dfsg-1+deb9u3
M Use After Free	<2:4.5.16+dfsg-1+deb9u3
H Buffer Overflow	<2:4.5.16+dfsg-1+deb9u3
M CVE-2019-14902	<2:4.5.16+dfsg-1+deb9u4
M Out-of-bounds Read	<2:4.5.16+dfsg-1+deb9u4
M Improper Authentication	<2:4.5.16+dfsg-1+deb9u4
M Incorrect Default Permissions	<2:4.5.16+dfsg-1+deb9u4
M Directory Traversal	<2:4.5.16+dfsg-1+deb9u4
M Weak Password Requirements	<2:4.5.16+dfsg-1+deb9u4
M NULL Pointer Dereference	<2:4.5.16+dfsg-1+deb9u4
H Improperly Implemented Security Check for Standard	<2:4.5.16+dfsg-1+deb9u2
M Directory Traversal	<2:4.5.16+dfsg-1+deb9u1
L Out-of-bounds Read	*
M Double Free	<2:4.5.12+dfsg-2+deb9u4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2:4.5.12+dfsg-2+deb9u4
M NULL Pointer Dereference	<2:4.5.12+dfsg-2+deb9u4
M Information Exposure	<2:4.5.12+dfsg-2+deb9u3
H Out-of-Bounds	<2:4.5.12+dfsg-2+deb9u3
H Out-of-Bounds	<2:4.5.2+dfsg-2
M Improper Input Validation	<2:4.5.2+dfsg-2
H Cryptographic Issues	<2:4.5.8+dfsg-2+deb9u2
H CVE-2017-12150	<2:4.5.8+dfsg-2+deb9u2
H Information Exposure	<2:4.5.8+dfsg-2+deb9u2
L Race Condition	<2:3.4.7~dfsg-2
H Incorrect Authorization	<2:4.5.12+dfsg-2+deb9u2
M NULL Pointer Dereference	<2:4.5.12+dfsg-2+deb9u2
H Race Condition	<2:4.5.6+dfsg-2
H Out-of-Bounds	<2:4.5.12+dfsg-2+deb9u1
C Use After Free	<2:4.5.12+dfsg-2+deb9u1
H Insufficient Verification of Data Authenticity	<2:4.5.8+dfsg-2+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2:4.5.6+dfsg-1
C Arbitrary Code Injection	<2:4.5.8+dfsg-2
M Access Restriction Bypass	<2:4.5.2+dfsg-2
H Improper Access Control	<2:4.4.5+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M CVE-2015-5370	<2:4.3.7+dfsg-1
H Cryptographic Issues	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
M Security Features	<2:4.3.7+dfsg-1
H Security Features	<2:4.3.7+dfsg-1
M Out-of-Bounds	<2:4.3.6+dfsg-1
M Improper Access Control	<2:4.3.6+dfsg-1
H Information Exposure	<2:4.1.22+dfsg-1
M Information Exposure	<2:4.1.22+dfsg-1
H Access Restriction Bypass	<2:4.1.22+dfsg-1
M Numeric Errors	<2:4.1.22+dfsg-1
H Resource Management Errors	<2:4.1.22+dfsg-1
H Access Restriction Bypass	<2:4.1.22+dfsg-1
M Improper Input Validation	<2:4.1.22+dfsg-1
C Code	<2:4.1.17+dfsg-1
H Access Restriction Bypass	<2:4.1.17+dfsg-1
H Arbitrary Code Injection	<2:4.1.11+dfsg-1
M Improper Input Validation	<2:4.1.9+dfsg-1
L Out-of-Bounds	<2:4.1.9+dfsg-1
M Improper Input Validation	<2:4.1.8+dfsg-1
L CVE-2014-0178	<2:4.1.8+dfsg-1
L Credentials Management	<2:4.1.6+dfsg-1
L Access Restriction Bypass	<2:4.1.6+dfsg-1
H Out-of-Bounds	<2:4.0.13+dfsg-1
L Improper Input Validation	<2:4.0.13+dfsg-1
L Access Restriction Bypass	<2:4.0.11+dfsg-1
L Cryptographic Issues	<2:4.0.11+dfsg-1
L Numeric Errors	<2:3.6.17-1
M Access Restriction Bypass	<2:3.6.6-1
M Cross-site Request Forgery (CSRF)	<2:3.6.6-5
M Improper Input Validation	<2:3.6.6-5
M Access Restriction Bypass	<2:3.6.5-1
C Numeric Errors	<2:3.6.4-1
H Out-of-Bounds	<2:3.4.0~pre1-1
L Information Exposure	<2:3.6.3-1
L Improper Input Validation	<2:3.4.7~dfsg-2
L Cross-site Request Forgery (CSRF)	<2:3.5.10~dfsg-1
L Cross-site Scripting (XSS)	<2:3.5.10~dfsg-1
L Improper Input Validation	<2:3.4.7~dfsg-2
M Out-of-Bounds	<2:3.5.7~dfsg-1
H Out-of-Bounds	<2:3.5.5~dfsg-1
H Out-of-Bounds	<2:3.4.0~pre1-1
L CVE-2010-1635	<2:3.6.1-2
L Out-of-Bounds	<2:3.5.4~dfsg-2
H Access Restriction Bypass	<2:3.4.7~dfsg-1
L Directory Traversal	<2:3.4.6~dfsg-1
M Link Following	<2:3.4.5~dfsg-2
M Improper Input Validation	<2:3.4.5~dfsg-2
L CVE-2009-2906	<2:3.4.2-1
M Access Restriction Bypass	<2:3.4.2-1
M Access Restriction Bypass	<2:3.4.2-1
H Use of Externally-Controlled Format String	<2:3.3.6-1
L Access Restriction Bypass	<2:3.3.6-1
M Improper Input Validation	<2:3.2.5-3
H Information Exposure	<2:3.2.5-1
M Access Restriction Bypass	<2:3.2.3-1
M Out-of-Bounds	<1:3.0.30-1
H Out-of-Bounds	<3.0.28-1
H Out-of-Bounds	<3.0.27-1
H Out-of-Bounds	<3.0.27-1
H Access Restriction Bypass	<3.0.26-1
H Out-of-Bounds	<3.0.25-1
H CVE-2007-2444	<3.0.25-1
H CVE-2007-2447	<3.0.25-1
M Use of Externally-Controlled Format String	<3.0.23d-5
L CVE-2007-0452	<3.0.23d-5
M CVE-2006-3403	<3.0.23a-1
L CVE-2006-1059	<3.0.22-1
C CVE-2004-0882	<3.0.7
M CVE-2004-0930	<3.0.8-1
C CVE-2004-1154	<3.0.10-1
M CVE-2004-0829	<2.2.11
M CVE-2004-2546	<3.0.6-1
M CVE-2004-0808	<3.0.7
H CVE-2004-0815	<3.0.6-1
M CVE-2004-0807	<3.0.7
C CVE-2004-0600	<3.0.5
M CVE-2004-0686	<3.0.5
H CVE-2004-0186	<3.0.2-2
H CVE-2004-0082	<3.0.7
C CVE-2003-0196	<3.0
C CVE-2003-0201	<3.0
C CVE-2003-0085	<2.2.8
L CVE-2003-0086	<2.2.8
H Out-of-Bounds	<2.2.5
C CVE-2002-1318	<2.2.7

Vulnerability

Vulnerable Version

CVE-2021-3670