[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3880":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":42,"downstream":43,"duplicates":80,"related":81,"reserved_at":9,"published_at":90,"modified_at":91,"state":92,"summary":93,"references_raw":102,"kevs":180,"epss":181,"epss_history":184,"metrics":433,"affected":449},"CVE-2019-3880","A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[],[],[44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78],{"_key":45},"ALPINE-CVE-2019-3880",{"_key":47},"RHSA-2019:1966",{"_key":49},"RHSA-2019:1967",{"_key":51},"RHSA-2019:2099",{"_key":53},"RHSA-2019:3582",{"_key":55},"SUSE-SU-2019:1037-1",{"_key":57},"SUSE-SU-2019:1040-1",{"_key":59},"SUSE-SU-2019:1194-1",{"_key":61},"SUSE-SU-2019:1195-1",{"_key":63},"SUSE-SU-2019:1203-1",{"_key":65},"SUSE-SU-2019:14042-1",{"_key":67},"OPENSUSE-SU-2019:1180-1",{"_key":69},"OPENSUSE-SU-2024:11365-1",{"_key":71},"DLA-1754-1",{"_key":73},"DSA-4427-1",{"_key":75},"UBUNTU-CVE-2019-3880",{"_key":77},"USN-3939-1",{"_key":79},"DEBIAN-CVE-2019-3880",[],[82,83,84,85,86,87,88,89],{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},"2019-04-09T15:18:08.000Z","2024-08-04T19:19:18.589Z","Modified",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":95,"epss_score":96,"severity":97,"severity_score":98,"severity_version":99,"severity_source":100,"severity_vector":101,"severity_status":92},false,"low",0.03388,"medium",5.5,"v2.0","nvd","AV:N/AC:L/Au:S/C:N/I:P/A:P",[103,112,119,125,130,134,139,143,147,151,155,159,164,168,172,176],{"url":104,"sources":105,"tags":107},"https://www.samba.org/samba/security/CVE-2019-3880.html",[106,100],"cve.org",[108,109,110,111],"X Refsource MISC","Mitigation","Patch","Vendor Advisory",{"url":113,"sources":114,"tags":115},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880",[106,100],[116,117,109,118],"X Refsource CONFIRM","Issue Tracking","Third Party Advisory",{"url":120,"sources":121,"tags":122},"https://lists.debian.org/debian-lts-announce/2019/04/msg00013.html",[106,100],[123,124,118],"Mailing List","X Refsource MLIST",{"url":126,"sources":127,"tags":128},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html",[106,100],[111,129,123,110,118],"X Refsource SUSE",{"url":131,"sources":132,"tags":133},"https://security.netapp.com/advisory/ntap-20190411-0004/",[106,100],[116,118],{"url":135,"sources":136,"tags":137},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA/",[106,100],[111,138],"X Refsource FEDORA",{"url":140,"sources":141,"tags":142},"https://www.synology.com/security/advisory/Synology_SA_19_15",[106,100],[116,118],{"url":144,"sources":145,"tags":146},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62/",[106,100],[111,138],{"url":148,"sources":149,"tags":150},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html",[106,100],[111,129,118],{"url":152,"sources":153,"tags":154},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRLRO7BPRFETVFZ4TVJL2VFZEPHKJY4/",[106,100],[111,138],{"url":156,"sources":157,"tags":158},"https://support.f5.com/csp/article/K20804356",[106,100],[116,118],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/errata/RHSA-2019:1966",[106,100],[111,163,118],"X Refsource REDHAT",{"url":165,"sources":166,"tags":167},"https://access.redhat.com/errata/RHSA-2019:1967",[106,100],[111,163,118],{"url":169,"sources":170,"tags":171},"https://access.redhat.com/errata/RHSA-2019:2099",[106,100],[111,163,118],{"url":173,"sources":174,"tags":175},"https://access.redhat.com/errata/RHSA-2019:3582",[106,100],[111,163,118],{"url":177,"sources":178,"tags":179},"https://access.redhat.com/security/cve/cve-2019-3880",[100],[109,118],[],{"date":182,"score":96,"percentile":183},"2026-06-04",0.87614,[185,189,193,196,199,202,205,208,211,214,217,220,223,226,229,233,236,239,241,244,246,249,251,253,256,259,262,266,269,272,275,278,281,283,286,289,292,295,298,301,304,306,309,311,313,316,319,322,325,327,330,333,336,339,342,345,347,349,352,355,358,361,363,365,367,370,372,374,376,378,380,383,386,388,392,394,396,399,402,405,408,411,414,417,419,421,423,426,428,430],{"date":186,"score":187,"percentile":188},"2025-11-04",0.03162,0.86403,{"date":190,"score":191,"percentile":192},"2025-11-05",0.03096,0.86282,{"date":194,"score":191,"percentile":195},"2025-11-06",0.86281,{"date":197,"score":191,"percentile":198},"2025-11-07",0.86291,{"date":200,"score":191,"percentile":201},"2025-11-08",0.86293,{"date":203,"score":191,"percentile":204},"2025-11-09",0.86287,{"date":206,"score":191,"percentile":207},"2025-11-10",0.86289,{"date":209,"score":191,"percentile":210},"2025-11-11",0.86295,{"date":212,"score":191,"percentile":213},"2025-11-12",0.86302,{"date":215,"score":191,"percentile":216},"2025-11-13",0.86308,{"date":218,"score":191,"percentile":219},"2025-11-14",0.8631,{"date":221,"score":191,"percentile":222},"2025-11-15",0.86301,{"date":224,"score":191,"percentile":225},"2025-11-16",0.86303,{"date":227,"score":191,"percentile":228},"2025-11-17",0.86292,{"date":230,"score":231,"percentile":232},"2025-11-18",0.01688,0.80714,{"date":234,"score":231,"percentile":235},"2025-11-19",0.80715,{"date":237,"score":231,"percentile":238},"2025-11-20",0.8072,{"date":240,"score":191,"percentile":225},"2025-11-21",{"date":242,"score":191,"percentile":243},"2025-11-22",0.86298,{"date":245,"score":191,"percentile":228},"2025-11-23",{"date":247,"score":191,"percentile":248},"2025-11-24",0.86294,{"date":250,"score":191,"percentile":210},"2025-11-25",{"date":252,"score":191,"percentile":248},"2025-11-26",{"date":254,"score":191,"percentile":255},"2025-11-27",0.86296,{"date":257,"score":191,"percentile":258},"2025-11-28",0.86277,{"date":260,"score":191,"percentile":261},"2025-11-29",0.86349,{"date":263,"score":264,"percentile":265},"2025-11-30",0.03735,0.87574,{"date":267,"score":264,"percentile":268},"2025-12-01",0.8764,{"date":270,"score":264,"percentile":271},"2025-12-02",0.87642,{"date":273,"score":264,"percentile":274},"2025-12-03",0.87641,{"date":276,"score":264,"percentile":277},"2025-12-04",0.87572,{"date":279,"score":264,"percentile":280},"2025-12-05",0.87577,{"date":282,"score":264,"percentile":265},"2025-12-06",{"date":284,"score":264,"percentile":285},"2025-12-07",0.8757,{"date":287,"score":264,"percentile":288},"2025-12-08",0.87571,{"date":290,"score":264,"percentile":291},"2025-12-09",0.87584,{"date":293,"score":264,"percentile":294},"2025-12-10",0.876,{"date":296,"score":264,"percentile":297},"2025-12-11",0.87606,{"date":299,"score":264,"percentile":300},"2025-12-12",0.87611,{"date":302,"score":264,"percentile":303},"2025-12-13",0.8761,{"date":305,"score":264,"percentile":297},"2025-12-14",{"date":307,"score":264,"percentile":308},"2025-12-15",0.87604,{"date":310,"score":264,"percentile":303},"2025-12-16",{"date":312,"score":264,"percentile":183},"2025-12-17",{"date":314,"score":264,"percentile":315},"2025-12-18",0.87623,{"date":317,"score":264,"percentile":318},"2025-12-19",0.87626,{"date":320,"score":264,"percentile":321},"2025-12-20",0.87624,{"date":323,"score":264,"percentile":324},"2025-12-21",0.87629,{"date":326,"score":264,"percentile":324},"2025-12-22",{"date":328,"score":264,"percentile":329},"2025-12-23",0.87632,{"date":331,"score":264,"percentile":332},"2025-12-24",0.87638,{"date":334,"score":264,"percentile":335},"2025-12-25",0.8765,{"date":337,"score":264,"percentile":338},"2025-12-26",0.87649,{"date":340,"score":264,"percentile":341},"2025-12-27",0.87686,{"date":343,"score":264,"percentile":344},"2025-12-28",0.87637,{"date":346,"score":264,"percentile":329},"2025-12-29",{"date":348,"score":264,"percentile":274},"2025-12-30",{"date":350,"score":264,"percentile":351},"2025-12-31",0.87653,{"date":353,"score":264,"percentile":354},"2026-01-01",0.87714,{"date":356,"score":264,"percentile":357},"2026-01-02",0.8771,{"date":359,"score":264,"percentile":360},"2026-01-03",0.87708,{"date":362,"score":264,"percentile":271},"2026-01-04",{"date":364,"score":264,"percentile":332},"2026-01-05",{"date":366,"score":264,"percentile":271},"2026-01-06",{"date":368,"score":264,"percentile":369},"2026-01-07",0.87643,{"date":371,"score":264,"percentile":338},"2026-01-08",{"date":373,"score":264,"percentile":338},"2026-01-09",{"date":375,"score":264,"percentile":338},"2026-01-10",{"date":377,"score":264,"percentile":369},"2026-01-11",{"date":379,"score":264,"percentile":268},"2026-01-12",{"date":381,"score":264,"percentile":382},"2026-01-13",0.87639,{"date":384,"score":264,"percentile":385},"2026-01-14",0.87652,{"date":387,"score":264,"percentile":351},"2026-01-15",{"date":389,"score":390,"percentile":391},"2026-01-16",0.03451,0.8717,{"date":393,"score":390,"percentile":391},"2026-01-17",{"date":395,"score":390,"percentile":391},"2026-01-18",{"date":397,"score":390,"percentile":398},"2026-01-19",0.87164,{"date":400,"score":390,"percentile":401},"2026-01-20",0.87163,{"date":403,"score":390,"percentile":404},"2026-01-21",0.87166,{"date":406,"score":390,"percentile":407},"2026-01-22",0.87171,{"date":409,"score":96,"percentile":410},"2026-01-23",0.87063,{"date":412,"score":96,"percentile":413},"2026-01-24",0.87071,{"date":415,"score":96,"percentile":416},"2026-01-25",0.87066,{"date":418,"score":96,"percentile":410},"2026-01-26",{"date":420,"score":96,"percentile":410},"2026-01-27",{"date":422,"score":96,"percentile":416},"2026-01-28",{"date":424,"score":96,"percentile":425},"2026-01-29",0.87069,{"date":427,"score":96,"percentile":425},"2026-01-30",{"date":429,"score":96,"percentile":413},"2026-01-31",{"date":431,"score":96,"percentile":432},"2026-02-01",0.8714,[434,440],{"source":106,"cvss_v2_0":9,"cvss_v3_0":435,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":437,"vectorString":438,"impactScore":436,"exploitabilityScore":439},4.2,"MEDIUM","CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",4.1,{"source":100,"cvss_v2_0":441,"cvss_v3_0":444,"cvss_v3_1":445,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":9,"vectorString":101,"impactScore":442,"exploitabilityScore":443},4.9,8,{"baseScore":436,"baseSeverity":437,"vectorString":438,"impactScore":436,"exploitabilityScore":439},{"baseScore":446,"baseSeverity":437,"vectorString":447,"impactScore":436,"exploitabilityScore":448},5.4,"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",7.2,[450,459,469,475,482,489,507],{"ecosystem":9,"name":451,"vendor":452,"product":453,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":455},"debian linux","debian","debian_linux","o",[456],{"version":457,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":460,"vendor":461,"product":460,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"fedora","fedoraproject",[463,465,467],{"version":464,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"28",{"version":466,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"version":468,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"ecosystem":9,"name":470,"vendor":471,"product":470,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"leap","opensuse",[473],{"version":474,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":476,"vendor":477,"product":478,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"enterprise linux","redhat","enterprise_linux",[480],{"version":481,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":483,"vendor":477,"product":484,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":486},"gluster storage","gluster_storage","a",[487],{"version":488,"is_range":94,"range_type":458,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0",{"ecosystem":9,"name":490,"vendor":490,"product":490,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":491},"samba",[492,499,503],{"version":493,"is_range":494,"range_type":458,"version_start":495,"version_start_type":496,"version_end":497,"version_end_type":498,"fixed_in":9},"gte3.2.0_lt4.8.11",true,"3.2.0","including","4.8.11","excluding",{"version":500,"is_range":494,"range_type":458,"version_start":501,"version_start_type":496,"version_end":502,"version_end_type":498,"fixed_in":9},"gte4.9.0_lt4.9.6","4.9.0","4.9.6",{"version":504,"is_range":494,"range_type":458,"version_start":505,"version_start_type":496,"version_end":506,"version_end_type":498,"fixed_in":9},"gte4.10.0_lt4.10.2","4.10.0","4.10.2",{"ecosystem":9,"name":490,"vendor":508,"product":490,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"the samba project",[510,511,512],{"version":497,"is_range":94,"range_type":106,"version_start":497,"version_start_type":496,"version_end":497,"version_end_type":496,"fixed_in":9},{"version":502,"is_range":94,"range_type":106,"version_start":502,"version_start_type":496,"version_end":502,"version_end_type":496,"fixed_in":9},{"version":506,"is_range":94,"range_type":106,"version_start":506,"version_start_type":496,"version_end":506,"version_end_type":496,"fixed_in":9}]