{"id":"AZL-37023","summary":"CVE-2023-34968 affecting package samba 4.18.3-2","details":"A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.","modified":"2026-04-01T05:12:23.449528Z","published":"2023-07-20T15:15:11Z","upstream":["CVE-2023-34968"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34968"}],"affected":[{"package":{"name":"samba","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"4.18.3-2"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-37023.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}