Approved changes feed: RSS · Atom

cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorMit (82b7f5d9-694f-5ac9-86aa-26958677636b)
ProductKerberos 5 (774ea4a1-4fda-5d25-92ac-c66a6356a1e3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/krb5/krb5 purl2cpe 2026-06-01 10:16:02.475330
pkg:rpm/fedora/krb5 purl2cpe 2026-06-01 10:16:02.475332

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-40356 vulnerable 2026-06-08 08:01:20.222469 Details available
MEDIUM (5.9)
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
Published: 2026-04-28T00:00:00.000Z
Updated: 2026-04-28T13:10:24.842Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-40355 vulnerable 2026-06-08 08:01:20.222100 Details available
MEDIUM (5.9)
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
Published: 2026-04-28T00:00:00.000Z
Updated: 2026-04-28T12:53:20.352Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-24528 vulnerable 2026-06-08 07:12:49.458925 Details available
HIGH (7.1)
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
Published: 2026-01-16T00:00:00.000Z
Updated: 2026-01-16T18:06:59.339Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-37371 vulnerable 2026-06-08 06:39:47.315993 Details available
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Published: 2024-06-28T00:00:00.000Z
Updated: 2026-05-12T11:54:32.455Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-37370 vulnerable 2026-06-08 06:39:47.315067 Details available
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
Published: 2024-06-28T00:00:00.000Z
Updated: 2026-05-12T11:54:31.271Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-39975 vulnerable 2026-06-08 06:09:38.220121 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-36054 vulnerable 2026-06-08 06:06:28.528217 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-42898 vulnerable 2026-06-08 05:49:30.671655 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-39028 vulnerable 2026-06-08 05:47:17.659352 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-37750 vulnerable 2026-06-08 05:32:54.738108 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36222 vulnerable 2026-06-08 05:32:50.121730 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-28196 vulnerable 2026-06-08 05:23:53.844695 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-14844 vulnerable 2026-06-08 05:12:56.249279 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-5730 vulnerable 2026-06-08 05:11:51.666489 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-5729 vulnerable 2026-06-08 05:11:51.664300 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7562 vulnerable 2026-06-08 05:09:56.553150 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-15088 vulnerable 2026-06-08 05:08:57.821440 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-8631 vulnerable 2026-06-08 05:07:04.567724 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-8629 vulnerable 2026-06-08 05:07:04.554687 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2697 vulnerable 2026-06-08 05:06:35.584909 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2696 vulnerable 2026-06-08 05:06:35.584147 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2695 vulnerable 2026-06-08 05:06:35.578012 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-5353 vulnerable 2026-06-08 05:05:47.711225 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-4341 vulnerable 2026-06-08 05:05:44.608431 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1418 vulnerable 2026-06-08 05:03:53.878663 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1416 vulnerable 2026-06-08 05:03:53.874029 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1415 vulnerable 2026-06-08 05:03:53.868217 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-1016 vulnerable 2026-06-08 05:00:47.080392 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2010-1321 vulnerable 2026-06-08 04:54:07.197784 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2010-0629 vulnerable 2026-06-08 04:52:03.656657 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-0846 vulnerable 2026-06-08 04:51:11.637060 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-0063 vulnerable 2026-06-08 04:50:10.099052 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-0062 vulnerable 2026-06-08 04:50:10.097702 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-5971 vulnerable 2026-06-08 04:50:07.384273 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-5901 vulnerable 2026-06-08 04:50:07.226564 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-4000 vulnerable 2026-06-08 04:49:55.530625 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2798 vulnerable 2026-06-08 04:49:46.074999 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2443 vulnerable 2026-06-08 04:49:44.892228 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2442 vulnerable 2026-06-08 04:49:44.891093 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-1216 vulnerable 2026-06-08 04:49:41.672202 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-0957 vulnerable 2026-06-08 04:49:33.871424 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-0956 vulnerable 2026-06-08 04:49:33.870396 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6144 vulnerable 2026-06-08 04:49:22.178261 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-1689 vulnerable 2026-06-08 04:48:27.200034 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1189 vulnerable 2026-06-08 04:47:53.302416 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0772 vulnerable 2026-06-08 04:47:51.131527 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0643 vulnerable 2026-06-08 04:47:50.637239 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0642 vulnerable 2026-06-08 04:47:50.634525 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-2443 vulnerable 2026-06-08 04:47:20.132873 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-1235 vulnerable 2026-06-08 04:46:23.243441 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-1323 vulnerable 2026-06-08 04:46:19.586818 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0548 vulnerable 2026-06-08 04:45:18.305224 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0547 vulnerable 2026-06-08 04:45:18.304730 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0546 vulnerable 2026-06-08 04:45:18.303964 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.