samba (SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS package samba, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2021-44142 — CVSS 8.8 (high): The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and…
CVE-2020-25717 — CVSS 8.1 (high): A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible…
CVE-2023-0922 — CVSS 5.9 (medium): The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a…
CVE-2021-20251 — CVSS 5.9 (medium): A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if…
CVE-2022-2127 — CVSS 5.9 (medium): An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM…
CVE-2022-32742 — CVSS 4.3 (medium): A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill…