VDB

ALPINE-CVE-2019-10197

ALPINE-CVE-2019-10197 PUBLISHED CVSS 9.100000381469727 CRITICAL

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

Risk Scores

CVSS v3.0
9.100000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products

VendorProductVersions
Alpine:v3.22samba4.7.3-r0, 4.7.4-r0, 4.7.6-r0
Alpine:v3.11samba3.3.7-r4, 4.7.4-r0, 4.7.6-r0
Alpine:v3.13samba4.8.8-r0, 4.8.7-r0, 4.8.5-r0
Alpine:v3.18samba4.7.2-r0, 4.7.4-r0, 4.7.6-r0
Alpine:v3.23samba3.4.3-r0, 4.8.7-r0, 4.8.5-r0
Alpine:v3.10samba4.8.8-r0, 4.7.2-r0, 4.7.1-r0
Alpine:v3.14samba4.7.2-r0, 4.7.3-r0, 4.7.4-r0
Alpine:v3.17samba0, 3.2.10-r0, 3.2.11-r0
Alpine:v3.19samba3.6.3-r0, 4.8.8-r0, 4.8.7-r0
Alpine:v3.12samba4.8.7-r0, 0, 3.2.10-r0
Alpine:v3.16samba4.2.3-r1, 4.8.8-r0, 4.8.7-r0
Alpine:v3.20samba3.2.11-r0, 0, 3.2.10-r0
Alpine:v3.21samba0, 3.2.11-r1, 3.2.10-r0
Alpine:v3.15samba4.8.8-r0, 3.3.7-r0, 0

Timeline

  • Sep 3, 2019 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›