Kerberos 5
Approved changes feed: RSS · Atom
cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Mit (82b7f5d9-694f-5ac9-86aa-26958677636b) |
|---|---|
| Product | Kerberos 5 (774ea4a1-4fda-5d25-92ac-c66a6356a1e3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/krb5/krb5 |
purl2cpe | 2026-06-01 10:16:02.475330 |
pkg:rpm/fedora/krb5 |
purl2cpe | 2026-06-01 10:16:02.475332 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-40356 |
vulnerable | 2026-06-08 08:01:20.222469 |
Details available
MEDIUM (5.9)
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
Published: 2026-04-28T00:00:00.000Z
Updated: 2026-04-28T13:10:24.842Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-40355 |
vulnerable | 2026-06-08 08:01:20.222100 |
Details available
MEDIUM (5.9)
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
Published: 2026-04-28T00:00:00.000Z
Updated: 2026-04-28T12:53:20.352Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-24528 |
vulnerable | 2026-06-08 07:12:49.458925 |
Details available
HIGH (7.1)
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
Published: 2026-01-16T00:00:00.000Z
Updated: 2026-01-16T18:06:59.339Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-37371 |
vulnerable | 2026-06-08 06:39:47.315993 |
Details available
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Published: 2024-06-28T00:00:00.000Z
Updated: 2026-05-12T11:54:32.455Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-37370 |
vulnerable | 2026-06-08 06:39:47.315067 |
Details available
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Published: 2024-06-28T00:00:00.000Z
Updated: 2026-05-12T11:54:31.271Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39975 |
vulnerable | 2026-06-08 06:09:38.220121 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-36054 |
vulnerable | 2026-06-08 06:06:28.528217 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-42898 |
vulnerable | 2026-06-08 05:49:30.671655 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-39028 |
vulnerable | 2026-06-08 05:47:17.659352 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-37750 |
vulnerable | 2026-06-08 05:32:54.738108 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-36222 |
vulnerable | 2026-06-08 05:32:50.121730 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-28196 |
vulnerable | 2026-06-08 05:23:53.844695 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-14844 |
vulnerable | 2026-06-08 05:12:56.249279 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-5730 |
vulnerable | 2026-06-08 05:11:51.666489 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-5729 |
vulnerable | 2026-06-08 05:11:51.664300 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-7562 |
vulnerable | 2026-06-08 05:09:56.553150 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-15088 |
vulnerable | 2026-06-08 05:08:57.821440 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8631 |
vulnerable | 2026-06-08 05:07:04.567724 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8629 |
vulnerable | 2026-06-08 05:07:04.554687 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-2697 |
vulnerable | 2026-06-08 05:06:35.584909 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-2696 |
vulnerable | 2026-06-08 05:06:35.584147 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-2695 |
vulnerable | 2026-06-08 05:06:35.578012 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-5353 |
vulnerable | 2026-06-08 05:05:47.711225 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-4341 |
vulnerable | 2026-06-08 05:05:44.608431 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-1418 |
vulnerable | 2026-06-08 05:03:53.878663 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-1416 |
vulnerable | 2026-06-08 05:03:53.874029 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-1415 |
vulnerable | 2026-06-08 05:03:53.868217 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-1016 |
vulnerable | 2026-06-08 05:00:47.080392 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-1321 |
vulnerable | 2026-06-08 04:54:07.197784 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-0629 |
vulnerable | 2026-06-08 04:52:03.656657 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-0846 |
vulnerable | 2026-06-08 04:51:11.637060 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0063 |
vulnerable | 2026-06-08 04:50:10.099052 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0062 |
vulnerable | 2026-06-08 04:50:10.097702 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5971 |
vulnerable | 2026-06-08 04:50:07.384273 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5901 |
vulnerable | 2026-06-08 04:50:07.226564 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-4000 |
vulnerable | 2026-06-08 04:49:55.530625 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2798 |
vulnerable | 2026-06-08 04:49:46.074999 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2443 |
vulnerable | 2026-06-08 04:49:44.892228 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2442 |
vulnerable | 2026-06-08 04:49:44.891093 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-1216 |
vulnerable | 2026-06-08 04:49:41.672202 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0957 |
vulnerable | 2026-06-08 04:49:33.871424 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0956 |
vulnerable | 2026-06-08 04:49:33.870396 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-6144 |
vulnerable | 2026-06-08 04:49:22.178261 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-1689 |
vulnerable | 2026-06-08 04:48:27.200034 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-1189 |
vulnerable | 2026-06-08 04:47:53.302416 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0772 |
vulnerable | 2026-06-08 04:47:51.131527 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0643 |
vulnerable | 2026-06-08 04:47:50.637239 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0642 |
vulnerable | 2026-06-08 04:47:50.634525 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2002-2443 |
vulnerable | 2026-06-08 04:47:20.132873 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2002-1235 |
vulnerable | 2026-06-08 04:46:23.243441 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-1323 |
vulnerable | 2026-06-08 04:46:19.586818 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2000-0548 |
vulnerable | 2026-06-08 04:45:18.305224 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2000-0547 |
vulnerable | 2026-06-08 04:45:18.304730 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2000-0546 |
vulnerable | 2026-06-08 04:45:18.303964 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.