apk package
chainguard/py3.13-samba
pkg:apk/chainguard/py3.13-samba
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-14628 | — | < 4.23.2-r0 | 4.23.2-r0 | Jan 17, 2023 | An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. | ||
| CVE-2022-38023 | — | < 4.22.0-r0 | 4.22.0-r0 | Nov 9, 2022 | Netlogon RPC Elevation of Privilege Vulnerability | ||
| CVE-2022-37967 | — | < 4.22.0-r0 | 4.22.0-r0 | Nov 9, 2022 | Windows Kerberos Elevation of Privilege Vulnerability | ||
| CVE-2022-37966 | — | < 4.22.0-r0 | 4.22.0-r0 | Nov 9, 2022 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | ||
| CVE-2022-32743 | — | < 0 | 0 | Sep 1, 2022 | Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | ||
| CVE-2022-1615 | — | < 4.23.2-r0 | 4.23.2-r0 | Sep 1, 2022 | In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. | ||
| CVE-2021-3670 | — | < 4.23.2-r0 | 4.23.2-r0 | Aug 23, 2022 | MaxQueryDuration not honoured in Samba AD DC LDAP | ||
| CVE-2011-2411 | — | < 0 | 0 | Oct 2, 2011 | Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. | ||
| CVE-2007-2407 | — | < 4.22.0-r0 | 4.22.0-r0 | Aug 3, 2007 | The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. |
- CVE-2018-14628Jan 17, 2023affected < 4.23.2-r0fixed 4.23.2-r0
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.
- CVE-2022-38023Nov 9, 2022affected < 4.22.0-r0fixed 4.22.0-r0
Netlogon RPC Elevation of Privilege Vulnerability
- CVE-2022-37967Nov 9, 2022affected < 4.22.0-r0fixed 4.22.0-r0
Windows Kerberos Elevation of Privilege Vulnerability
- CVE-2022-37966Nov 9, 2022affected < 4.22.0-r0fixed 4.22.0-r0
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
- CVE-2022-32743Sep 1, 2022affected < 0fixed 0
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
- CVE-2022-1615Sep 1, 2022affected < 4.23.2-r0fixed 4.23.2-r0
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
- CVE-2021-3670Aug 23, 2022affected < 4.23.2-r0fixed 4.23.2-r0
MaxQueryDuration not honoured in Samba AD DC LDAP
- CVE-2011-2411Oct 2, 2011affected < 0fixed 0
Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.
- CVE-2007-2407Aug 3, 2007affected < 4.22.0-r0fixed 4.22.0-r0
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota.