{"api_version":"1","generated_at":"2026-04-23T00:41:46+00:00","cve":"CVE-2022-42898","urls":{"html":"https://cve.report/CVE-2022-42898","api":"https://cve.report/api/cve/CVE-2022-42898.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-42898","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-42898"},"summary":{"title":"CVE-2022-42898","description":"PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\"","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-12-25 06:15:00","updated_at":"2023-10-08 09:15:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://www.samba.org/samba/security/CVE-2022-42898.html","name":"https://www.samba.org/samba/security/CVE-2022-42898.html","refsource":"CONFIRM","tags":[],"title":"Samba - Security Announcement Archive","mime":"text/html","httpstatus":"200","archivestatus":"403"},{"url":"https://web.mit.edu/kerberos/advisories/","name":"https://web.mit.edu/kerberos/advisories/","refsource":"MISC","tags":[],"title":"Kerberos Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt","name":"https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt","refsource":"CONFIRM","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.samba.org/show_bug.cgi?id=15203","name":"https://bugzilla.samba.org/show_bug.cgi?id=15203","refsource":"MISC","tags":[],"title":"15203 – (CVE-2022-42898) CVE-2022-42898 [SECURITY] krb5_pac_parse() buffer parsing vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c","name":"https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c","refsource":"CONFIRM","tags":[],"title":"PAC parse integer overflows · Advisory · heimdal/heimdal · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202309-06","name":"GLSA-202309-06","refsource":"GENTOO","tags":[],"title":"Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230216-0008/","name":"https://security.netapp.com/advisory/ntap-20230216-0008/","refsource":"CONFIRM","tags":[],"title":"December 2022 Heimdal Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://web.mit.edu/kerberos/krb5-1.19/","name":"https://web.mit.edu/kerberos/krb5-1.19/","refsource":"CONFIRM","tags":[],"title":"Kerberos 5 Release 1.19.4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202310-06","name":"GLSA-202310-06","refsource":"GENTOO","tags":[],"title":"Heimdal: Multiple Vulnerabilities (GLSA 202310-06) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583","name":"https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583","refsource":"CONFIRM","tags":[],"title":"Fix integer overflows in PAC parsing · krb5/krb5@ea92d2f · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230223-0001/","name":"https://security.netapp.com/advisory/ntap-20230223-0001/","refsource":"CONFIRM","tags":[],"title":"CVE-2022-42898 MIT Kerberos 5 Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-42898","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42898","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"42898","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"heimdal_project","cpe5":"heimdal","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42898","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mit","cpe5":"kerberos_5","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42898","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mit","cpe5":"kerberos_5","cpe6":"1.20","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42898","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mit","cpe5":"kerberos_5","cpe6":"1.20","cpe7":"beta1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42898","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"samba","cpe5":"samba","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-42898","qid":"160331","title":"Oracle Enterprise Linux Security Update for krb5 (ELSA-2022-8638)"},{"cve":"CVE-2022-42898","qid":"160335","title":"Oracle Enterprise Linux Security Update for krb5 (ELSA-2022-8637)"},{"cve":"CVE-2022-42898","qid":"160337","title":"Oracle Enterprise Linux Security Update for krb5 (ELSA-2022-8640)"},{"cve":"CVE-2022-42898","qid":"160454","title":"Oracle Enterprise Linux Security Update for krb5 (ELSA-2023-12104)"},{"cve":"CVE-2022-42898","qid":"181238","title":"Debian Security Update for krb5 (DSA 5286-1)"},{"cve":"CVE-2022-42898","qid":"181242","title":"Debian Security Update for heimdal (DSA 5287-1)"},{"cve":"CVE-2022-42898","qid":"181249","title":"Debian Security Update for heimdal (DLA 3206-1)"},{"cve":"CVE-2022-42898","qid":"181259","title":"Debian Security Update for krb5 (DLA 3213-1)"},{"cve":"CVE-2022-42898","qid":"183360","title":"Debian Security Update for krb5sambaheimdal (CVE-2022-42898)"},{"cve":"CVE-2022-42898","qid":"199102","title":"Ubuntu Security Notification for Heimdal Vulnerabilities (USN-5800-1)"},{"cve":"CVE-2022-42898","qid":"199130","title":"Ubuntu Security Notification for Samba Vulnerabilities (USN-5822-1)"},{"cve":"CVE-2022-42898","qid":"199133","title":"Ubuntu Security Notification for Kerberos Vulnerabilities (USN-5828-1)"},{"cve":"CVE-2022-42898","qid":"199228","title":"Ubuntu Security Notification for Samba Vulnerabilities (USN-5936-1)"},{"cve":"CVE-2022-42898","qid":"240941","title":"Red Hat Update for krb5 (RHSA-2022:8639)"},{"cve":"CVE-2022-42898","qid":"240944","title":"Red Hat Update for krb5 (RHSA-2022:8640)"},{"cve":"CVE-2022-42898","qid":"240945","title":"Red Hat Update for krb5 (RHSA-2022:8637)"},{"cve":"CVE-2022-42898","qid":"240947","title":"Red Hat Update for krb5 (RHSA-2022:8638)"},{"cve":"CVE-2022-42898","qid":"240950","title":"Red Hat Update for krb5 (RHSA-2022:8662)"},{"cve":"CVE-2022-42898","qid":"240951","title":"Red Hat Update for krb5 (RHSA-2022:8669)"},{"cve":"CVE-2022-42898","qid":"257203","title":"CentOS Security Update for krb5 (CESA-2022:8640)"},{"cve":"CVE-2022-42898","qid":"283332","title":"Fedora Security Update for samba (FEDORA-2022-d680c70ebe)"},{"cve":"CVE-2022-42898","qid":"283333","title":"Fedora Security Update for krb5 (FEDORA-2022-78038a4441)"},{"cve":"CVE-2022-42898","qid":"283334","title":"Fedora Security Update for krb5 (FEDORA-2022-88cefef88c)"},{"cve":"CVE-2022-42898","qid":"283360","title":"Fedora Security Update for heimdal (FEDORA-2022-dba9ba8e2b)"},{"cve":"CVE-2022-42898","qid":"283361","title":"Fedora Security Update for heimdal (FEDORA-2022-cbbd105d08)"},{"cve":"CVE-2022-42898","qid":"283375","title":"Fedora Security Update for samba (FEDORA-2022-003403ec6b)"},{"cve":"CVE-2022-42898","qid":"283404","title":"Fedora Security Update for heimdal (FEDORA-2022-2c77cee4b5)"},{"cve":"CVE-2022-42898","qid":"283411","title":"Fedora Security Update for krb5 (FEDORA-2022-a1747aca80)"},{"cve":"CVE-2022-42898","qid":"283413","title":"Fedora Security Update for samba (FEDORA-2022-2156b74a6a)"},{"cve":"CVE-2022-42898","qid":"296099","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 57.144.3 Missing (CPUAPR2023)"},{"cve":"CVE-2022-42898","qid":"354651","title":"Amazon Linux Security Advisory for krb5 : ALAS2-2023-1915"},{"cve":"CVE-2022-42898","qid":"354675","title":"Amazon Linux Security Advisory for krb5 : ALAS-2023-1667"},{"cve":"CVE-2022-42898","qid":"354695","title":"Amazon Linux Security Advisory for krb5 : ALAS2022-2023-272"},{"cve":"CVE-2022-42898","qid":"354706","title":"Amazon Linux Security Advisory for samba : ALAS2022-2023-271"},{"cve":"CVE-2022-42898","qid":"354720","title":"Amazon Linux Security Advisory for krb5 : ALAS-2023-1680"},{"cve":"CVE-2022-42898","qid":"355064","title":"Amazon Linux Security Advisory for krb5 : AL2012-2023-388"},{"cve":"CVE-2022-42898","qid":"355224","title":"Amazon Linux Security Advisory for krb5 : ALAS2023-2023-103"},{"cve":"CVE-2022-42898","qid":"377816","title":"Alibaba Cloud Linux Security Update for krb5 (ALINUX2-SA-2022:0055)"},{"cve":"CVE-2022-42898","qid":"377818","title":"Alibaba Cloud Linux Security Update for krb5 (ALINUX3-SA-2022:0186)"},{"cve":"CVE-2022-42898","qid":"378488","title":"NetApp Clustered Data Open Network Technology for Appliance Products (ONTAP) Denial of Service (DoS) Vulnerability (NTAP-20230223-0001)"},{"cve":"CVE-2022-42898","qid":"390282","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for krb5 (OVMSA-2023-0008)"},{"cve":"CVE-2022-42898","qid":"502599","title":"Alpine Linux Security Update for heimdal"},{"cve":"CVE-2022-42898","qid":"502602","title":"Alpine Linux Security Update for krb5"},{"cve":"CVE-2022-42898","qid":"502620","title":"Alpine Linux Security Update for samba"},{"cve":"CVE-2022-42898","qid":"502655","title":"Alpine Linux Security Update for heimdal"},{"cve":"CVE-2022-42898","qid":"502733","title":"Alpine Linux Security Update for krb5"},{"cve":"CVE-2022-42898","qid":"503127","title":"Alpine Linux Security Update for samba"},{"cve":"CVE-2022-42898","qid":"503810","title":"Alpine Linux Security Update for samba"},{"cve":"CVE-2022-42898","qid":"503994","title":"Alpine Linux Security Update for heimdal"},{"cve":"CVE-2022-42898","qid":"505624","title":"Alpine Linux Security Update for krb5"},{"cve":"CVE-2022-42898","qid":"505934","title":"Alpine Linux Security Update for samba"},{"cve":"CVE-2022-42898","qid":"672546","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1112)"},{"cve":"CVE-2022-42898","qid":"672570","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1136)"},{"cve":"CVE-2022-42898","qid":"672577","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1321)"},{"cve":"CVE-2022-42898","qid":"672587","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1336)"},{"cve":"CVE-2022-42898","qid":"672630","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1371)"},{"cve":"CVE-2022-42898","qid":"672635","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1399)"},{"cve":"CVE-2022-42898","qid":"672672","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1425)"},{"cve":"CVE-2022-42898","qid":"672679","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1410)"},{"cve":"CVE-2022-42898","qid":"672695","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1417)"},{"cve":"CVE-2022-42898","qid":"672699","title":"EulerOS Security Update for samba (EulerOS-SA-2023-1432)"},{"cve":"CVE-2022-42898","qid":"672724","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1445)"},{"cve":"CVE-2022-42898","qid":"672780","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1470)"},{"cve":"CVE-2022-42898","qid":"672809","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1527)"},{"cve":"CVE-2022-42898","qid":"672829","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-1552)"},{"cve":"CVE-2022-42898","qid":"673105","title":"EulerOS Security Update for krb5 (EulerOS-SA-2023-2153)"},{"cve":"CVE-2022-42898","qid":"673107","title":"EulerOS Security Update for samba (EulerOS-SA-2023-2168)"},{"cve":"CVE-2022-42898","qid":"690991","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for krb5 (094e4a5b-6511-11ed-8c5e-206a8a720317)"},{"cve":"CVE-2022-42898","qid":"691336","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for mysql (22df5074-71cd-11ee-85eb-84a93843eb75)"},{"cve":"CVE-2022-42898","qid":"710751","title":"Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)"},{"cve":"CVE-2022-42898","qid":"710767","title":"Gentoo Linux Heimdal Multiple Vulnerabilities (GLSA 202310-06)"},{"cve":"CVE-2022-42898","qid":"752841","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2022:4154-1)"},{"cve":"CVE-2022-42898","qid":"752868","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2022:4155-1)"},{"cve":"CVE-2022-42898","qid":"752895","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2022:4167-1)"},{"cve":"CVE-2022-42898","qid":"752931","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2022:4153-1)"},{"cve":"CVE-2022-42898","qid":"752971","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2022:4335-1)"},{"cve":"CVE-2022-42898","qid":"752999","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:4395-1)"},{"cve":"CVE-2022-42898","qid":"753517","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:0081-1)"},{"cve":"CVE-2022-42898","qid":"753587","title":"SUSE Enterprise Linux Security Update for samba (SUSE-SU-2023:0160-1)"},{"cve":"CVE-2022-42898","qid":"753591","title":"SUSE Enterprise Linux Security Update for krb5 (SUSE-SU-2023:0198-1)"},{"cve":"CVE-2022-42898","qid":"904791","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (12125)"},{"cve":"CVE-2022-42898","qid":"904792","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for krb5 (12128)"},{"cve":"CVE-2022-42898","qid":"904796","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for samba (12123)"},{"cve":"CVE-2022-42898","qid":"904797","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for krb5 (12133)"},{"cve":"CVE-2022-42898","qid":"905238","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for krb5 (12133-1)"},{"cve":"CVE-2022-42898","qid":"905346","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for heimdal (12125-1)"},{"cve":"CVE-2022-42898","qid":"905349","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for krb5 (12128-1)"},{"cve":"CVE-2022-42898","qid":"940850","title":"AlmaLinux Security Update for krb5 (ALSA-2022:8638)"},{"cve":"CVE-2022-42898","qid":"940853","title":"AlmaLinux Security Update for krb5 (ALSA-2022:8637)"},{"cve":"CVE-2022-42898","qid":"960467","title":"Rocky Linux Security Update for krb5 (RLSA-2022:8638)"},{"cve":"CVE-2022-42898","qid":"960580","title":"Rocky Linux Security Update for krb5 (RLSA-2022:8637)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-42898","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has \"a similar bug.\""}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://web.mit.edu/kerberos/advisories/","refsource":"MISC","name":"https://web.mit.edu/kerberos/advisories/"},{"refsource":"CONFIRM","name":"https://www.samba.org/samba/security/CVE-2022-42898.html","url":"https://www.samba.org/samba/security/CVE-2022-42898.html"},{"refsource":"CONFIRM","name":"https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583","url":"https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583"},{"refsource":"CONFIRM","name":"https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c","url":"https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c"},{"refsource":"CONFIRM","name":"https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt","url":"https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt"},{"refsource":"CONFIRM","name":"https://web.mit.edu/kerberos/krb5-1.19/","url":"https://web.mit.edu/kerberos/krb5-1.19/"},{"refsource":"MISC","name":"https://bugzilla.samba.org/show_bug.cgi?id=15203","url":"https://bugzilla.samba.org/show_bug.cgi?id=15203"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230216-0008/","url":"https://security.netapp.com/advisory/ntap-20230216-0008/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230223-0001/","url":"https://security.netapp.com/advisory/ntap-20230223-0001/"},{"refsource":"GENTOO","name":"GLSA-202309-06","url":"https://security.gentoo.org/glsa/202309-06"},{"refsource":"GENTOO","name":"GLSA-202310-06","url":"https://security.gentoo.org/glsa/202310-06"}]}},"nvd":{"publishedDate":"2022-12-25 06:15:00","lastModifiedDate":"2023-10-08 09:15:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8","versionEndExcluding":"1.19.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mit:kerberos_5:1.20:beta1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mit:kerberos_5:1.20:-:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*","versionEndExcluding":"7.7.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17.0","versionEndExcluding":"4.17.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionEndExcluding":"4.15.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16.0","versionEndExcluding":"4.16.7","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}