TrueChartsClone/charts/stable/davos/security.md

181 lines
541 KiB
Markdown
Raw Normal View History

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: davos/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-davos&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;resources.limits.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-davos&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-davos&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;resources.requests.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;resources.requests.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;resources.limits.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-davos&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-davos&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment &#39;RELEASE-NAME-davos&#39; should not set &#39;spec.template.volumes.hostPath&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-davos&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/davos:v2.2.1-ls76@sha256:f9359583fb20278b436e7b018ee244f2cce1480d6834775f19e9da3503dd0e9b
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: Java
**jar**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-15095 | CRITICAL | 2.8.4 | 2.7.9.2, 2.8.10, 2.9.1 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103880">http://www.securityfocus.com/bid/103880</a><br><a href="http://www.securitytracker.com/id/1039769">http://www.securitytracker.com/id/1039769</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3189">https://access.redhat.com/errata/RHSA-2017:3189</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3190">https://access.redhat.com/errata/RHSA-2017:3190</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0576">https://access.redhat.com/errata/RHSA-2018:0576</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0577">https://access.redhat.com/errata/RHSA-2018:0577</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-15095">https://access.redhat.com/security/cve/CVE-2017-15095</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095</a><br><a href="https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43">https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/3bfbb835">https://github.com/FasterXML/jackson-databind/commit/3bfbb835</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ddfddfba">https://github.com/FasterXML/jackson-databind/commit/ddfddfba</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/e8f043d1">https://github.com/FasterXML/jackson-databind/commit/e8f043d1</a><br><a href="https://github.com/Fa
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-17485 | CRITICAL | 2.8.4 | 2.8.11, 2.9.4 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/archive/1/541652/100/0/threaded">http://www.securityfocus.com/archive/1/541652/100/0/threaded</a><br><a href="http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded">http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0116">https://access.redhat.com/errata/RHSA-2018:0116</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2930">https://access.redhat.com/errata/RHSA-2018:2930</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17485">https://access.redhat.com/security/cve/CVE-2017-17485</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1855">https://github.com/FasterXML/jackson-databind/issues/1855</a><br><a href="https://github.com/advisories/GHSA-rfx6-vp9g-rh7v">https://github.com/advisories/GHSA-rfx6-vp9g-rh7v</a><br><a href="https://github.com/irsl/jackson-rce-via-spel/">https://github.com/irsl/jackson-rce-via-spel/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-17485">https://nvd.nist.gov/vuln/detail/CVE-2017-17485</a><br><a href="https://security.netapp.com/advisory/ntap-20180201-0003/">https://security.netapp.com/advisory/ntap-20180201-0003/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4114">https://www.debian.org/security/2018/dsa-4114</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-7525 | CRITICAL | 2.8.4 | 2.6.7.1, 2.7.9.1, 2.8.9 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/99623">http://www.securityfocus.com/bid/99623</a><br><a href="http://www.securitytracker.com/id/1039744">http://www.securitytracker.com/id/1039744</a><br><a href="http://www.securitytracker.com/id/1039947">http://www.securitytracker.com/id/1039947</a><br><a href="http://www.securitytracker.com/id/1040360">http://www.securitytracker.com/id/1040360</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1834">https://access.redhat.com/errata/RHSA-2017:1834</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1835">https://access.redhat.com/errata/RHSA-2017:1835</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1836">https://access.redhat.com/errata/RHSA-2017:1836</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1837">https://access.redhat.com/errata/RHSA-2017:1837</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1839">https://access.redhat.com/errata/RHSA-2017:1839</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1840">https://access.redhat.com/errata/RHSA-2017:1840</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2477">https://access.redhat.com/errata/RHSA-2017:2477</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2546">https://access.redhat.com/errata/RHSA-2017:2546</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2547">https://access.redhat.com/errata/RHSA-2017:2547</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2633">https://access.redhat.com/errata/RHSA-2017:2633</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2635">https://access.redhat.com/errata/RHSA-2017:2635</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2636">https://access.redhat.com/errata/RHSA-2017:2636</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2637">https://access.redhat.com/errata/RHSA-2017:2637</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2638">https://access.redhat.com/errata/RHSA-2017:2638</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3141">https://access.redhat.com/errata/RHSA-2017:3141</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3454">https://access.redhat.com/errata/RHSA-2017:3454</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3455">https://access.redhat.com/errata/RHSA-2017:3455</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3456">https://access.redhat.com/errata/RHSA-2017:3456</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3458">https://access.redhat.com/errata/RHSA-2017:3458</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0294">https://access.redhat.com/errata/RHSA-2018:0294</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0910">https://access.redhat.com/errata/RHSA-2019:0910</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7525">https://access.redhat.com/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-11307 | CRITICAL | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11307">https://access.redhat.com/security/cve/CVE-2018-11307</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2032">https://github.com/FasterXML/jackson-databind/issues/2032</a><br><a href="https://github.com/advisories/GHSA-qr7j-h6gg-jmgc">https://github.com/advisories/GHSA-qr7j-h6gg-jmgc</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7525">https://nvd.nist.gov/vuln/detail/CVE-2017-7525</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-11307">https://nvd.nist.gov/vuln/detail/CVE-2018-11307</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14718 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106601">http://www.securityfocus.com/bid/106601</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14718">https://access.redhat.com/security/cve/CVE-2018-14718</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-645p-88qh-w398">https://github.com/advisories/GHSA-645p-88qh-w398</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissu
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14719 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14719">https://access.redhat.com/security/cve/CVE-2018-14719</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-4gq5-ch57-c2mg">https://github.com/advisories/GHSA-4gq5-ch57-c2mg</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html">https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-14719">https://nvd.nist.gov/vuln/detail/CVE-2018-14719</a><br><a href="https://seclists.org/bugtraq/2019/May/68"
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14720 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14720">https://access.redhat.com/security/cve/CVE-2018-14720</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-x2w5-5m2g-7h5m">https://github.com/advisories/GHSA-x2w5-5m2g-7h5m</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.a
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14721 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14721">https://access.redhat.com/security/cve/CVE-2018-14721</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-9mxf-g3x6-wv74">https://github.com/advisories/GHSA-9mxf-g3x6-wv74</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html">https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-14721">https://nvd.nist.gov/vuln/detail/CVE-2018-14721</a><br><a href="https://seclists.org/bugtraq/2019/May/68">https://seclists.org/bugtraq/2019/May/68</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0003/">https://security.netapp.com/advisory/ntap-20190530-0003/</a><br><a href="https://www.debian.org/security/2019/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19360 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19360">https://access.redhat.com/security/cve/CVE-2018-19360</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-f9hv-mg5h-xcw9">https://github.com/advisories/GHSA-f9hv-mg5h-xcw9</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19361 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19361">https://access.redhat.com/security/cve/CVE-2018-19361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-mx9v-gmh4-mgqw">https://github.com/advisories/GHSA-mx9v-gmh4-mgqw</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19362 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19362">https://access.redhat.com/security/cve/CVE-2018-19362</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-c8hm-7hpq-7jhg">https://github.com/advisories/GHSA-c8hm-7hpq-7jhg</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-7489 | CRITICAL | 2.8.4 | 2.7.9.3, 2.8.11.1, 2.9.5 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103203">http://www.securityfocus.com/bid/103203</a><br><a href="http://www.securitytracker.com/id/1040693">http://www.securitytracker.com/id/1040693</a><br><a href="http://www.securitytracker.com/id/1041890">http://www.securitytracker.com/id/1041890</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1786">https://access.redhat.com/errata/RHSA-2018:1786</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2088">https://access.redhat.com/errata/RHSA-2018:2088</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2089">https://access.redhat.com/errata/RHSA-2018:2089</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2090">https://access.redhat.com/errata/RHSA-2018:2090</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2938">https://access.redhat.com/errata/RHSA-2018:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-7489">https://access.redhat.com/security/cve/CVE-2018-7489</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2">https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1931">https://github.com/FasterXML/jackson-databind/issues/1931</a><br><a href="https://github.com/advisories/GHSA-cggj-fvv3-cqwv">https://github.com/advisories/GHSA-cggj-fvv3-cqwv</a><br><a href="https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-7489">https://nvd.nist.gov/vuln/detail/CVE-2018-7489</a><br><a href="https://security.netapp.com/advisory/ntap-20180328-0001/">https://security.netapp.com/advisory/ntap-20180328-0001/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4190">https://www.debian.org/security/2018/dsa-4190</a><br
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14379 | CRITICAL | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/23">http://seclists.org/fulldisclosure/2022/Mar/23</a><br><a href="https://access.redhat.com/errata/RHBA-2019:2824">https://access.redhat.com/errata/RHBA-2019:2824</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2743">https://access.redhat.com/errata/RHSA-2019:2743</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0727">https://access.redhat.com/errata/RHSA-2020:0727</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14379">https://access.redhat.com/security/cve/CVE-2019-14379</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b">https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2387">https://github.com/FasterXML/jackson-databind/issues/2387</a><br><a href="https://github.com/advisories/GHSA-6fpp-rgj9-8rwc">https://github.com/advisories/GHSA-6fpp-rgj9-8rwc</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E">https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E</a><br><a href="https://lists.apache.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14540 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14540">https://access.redhat.com/security/cve/CVE-2019-14540</a><br><a href="https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x">https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2410">https://github.com/FasterXML/jackson-databind/issues/2410</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2449">https://github.com/FasterXML/jackson-databind/issues/2449</a><br><a href="https://github.com/advisories/GHSA-h822-r4r5-v8jg">https://github.com/advisories/GHSA-h822-r4r5-v8jg</a><br><a href="https://linux.oracle.com/cve/CVE-2019-14540.html">https://linux.oracle.com/cve/CVE-2019-14540.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed11638949
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14892 | CRITICAL | 2.8.4 | 2.6.7.3, 2.8.11.5, 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14892">https://access.redhat.com/security/cve/CVE-2019-14892</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af">https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b">https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2462">https://github.com/FasterXML/jackson-databind/issues/2462</a><br><a href="https://github.com/advisories/GHSA-cf6r-3wgc-h863">https://github.com/advisories/GHSA-cf6r-3wgc-h863</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14892">https://nvd.nist.gov/vuln/detail/CVE-2019-14892</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0005/">https://security.netapp.com/advisory/ntap-20200904-0005/</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14893 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14893">https://access.redhat.com/security/cve/CVE-2019-14893</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317">https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2469">https://github.com/FasterXML/jackson-databind/issues/2469</a><br><a href="https://github.com/advisories/GHSA-qmqc-x3r4-6v39">https://github.com/advisories/GHSA-qmqc-x3r4-6v39</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14893">https://nvd.nist.gov/vuln/detail/CVE-2019-14893</a><br><a href="https://security.netapp.com/advisory/ntap-20200327-0006/">https://security.netapp.com/advisory/ntap-20200327-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16335 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16335">https://access.redhat.com/security/cve/CVE-2019-16335</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2449">https://github.com/FasterXML/jackson-databind/issues/2449</a><br><a href="https://github.com/advisories/GHSA-85cw-hj65-qqv9">https://github.com/advisories/GHSA-85cw-hj65-qqv9</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16335.html">https://linux.oracle.com/cve/CVE-2019-16335.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E">https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/th
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16942 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16942">https://access.redhat.com/security/cve/CVE-2019-16942</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2478">https://github.com/FasterXML/jackson-databind/issues/2478</a><br><a href="https://github.com/advisories/GHSA-mx7p-6679-8g3q">https://github.com/advisories/GHSA-mx7p-6679-8g3q</a><br><a href="https://issues.apache.org/jira/browse/GEODE-7255">https://issues.apache.org/jira/browse/GEODE-7255</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16942.html">https://linux.oracle.com/cve/CVE-2019-16942.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/</
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16943 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16943">https://access.redhat.com/security/cve/CVE-2019-16943</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2478">https://github.com/FasterXML/jackson-databind/issues/2478</a><br><a href="https://github.com/advisories/GHSA-fmmc-742q-jg75">https://github.com/advisories/GHSA-fmmc-742q-jg75</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16943.html">https://linux.oracle.com/cve/CVE-2019-16943.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E">https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E">https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/">https://lists.fedoraproject.org/archives/list/package-announce@lists.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17267 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17267">https://access.redhat.com/security/cve/CVE-2019-17267</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2460">https://github.com/FasterXML/jackson-databind/issues/2460</a><br><a href="https://github.com/advisories/GHSA-f3j5-rmmp-3fc5">https://github.com/advisories/GHSA-f3j5-rmmp-3fc5</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17267">https://nvd.nist.gov/vuln/detail/CVE-2019-17267</a><br><a href="https://security.netapp.com/advisory/ntap-20191017-0006/">https://security.netapp.com/advisory/ntap-20191017-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17531 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:4192">https://access.redhat.com/errata/RHSA-2019:4192</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17531">https://access.redhat.com/security/cve/CVE-2019-17531</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2498">https://github.com/FasterXML/jackson-databind/issues/2498</a><br><a href="https://github.com/advisories/GHSA-gjmw-vf9h-g25v">https://github.com/advisories/GHSA-gjmw-vf9h-g25v</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17531.html">https://linux.oracle.com/cve/CVE-2019-17531.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17531">https://nvd.nist.gov/vuln/detail/CVE-2019-17531</a><br><a href="https://security.netapp.com/advisory/ntap-20191024-0005/">https://security.netapp.com/advisory/ntap-20191024-0005/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-20330 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-20330">https://access.redhat.com/security/cve/CVE-2019-20330</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2526">https://github.com/FasterXML/jackson-databind/issues/2526</a><br><a href="https://github.com/advisories/GHSA-gww7-p5w4-wrfv">https://github.com/advisories/GHSA-gww7-p5w4-wrfv</a><br><a href="https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-8840 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.5, 2.9.10.3 | <details><summary>Expand...</summary><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en">http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-8840">https://access.redhat.com/security/cve/CVE-2020-8840</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497">https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2620">https://github.com/FasterXML/jackson-databind/issues/2620</a><br><a href="https://github.com/advisories/GHSA-4w82-r329-3q67">https://github.com/advisories/GHSA-4w82-r329-3q67</a><br><a href="https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r46bebdeb59b8b7212d63a010ca445a9f5c4e9d64dcf693cab6f399d3@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r46bebdeb59b8b7212d63a010ca445a9f5c4e9d64dcf693cab6f399d3@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9546 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9546">https://access.redhat.com/security/cve/CVE-2020-9546</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2631">https://github.com/FasterXML/jackson-databind/issues/2631</a><br><a href="https://github.com/advisories/GHSA-5p34-5m6p-p58g">https://github.com/advisories/GHSA-5p34-5m6p-p58g</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-9546">https://nvd.nist.gov/vuln/detail/CVE-2020-9546</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0006/">https://security.netapp.com/advisory/ntap-20200904-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9547 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9547">https://access.redhat.com/security/cve/CVE-2020-9547</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2634">https://github.com/FasterXML/jackson-databind/issues/2634</a><br><a href="https://github.com/advisories/GHSA-q93h-jc49-78gg">https://github.com/advisories/GHSA-q93h-jc49-78gg</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9548 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9548">https://access.redhat.com/security/cve/CVE-2020-9548</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2634">https://github.com/FasterXML/jackson-databind/issues/2634</a><br><a href="https://github.com/advisories/GHSA-p43x-xfjf-5jhr">https://github.com/advisories/GHSA-p43x-xfjf-5jhr</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-9548">https://nvd.nist.gov/vuln/detail/CVE-2020-9548</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0006/">https://security.netapp.com/advisory/ntap-20200904-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12022 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107585">http://www.securityfocus.com/bid/107585</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12022">https://access.redhat.com/security/cve/CVE-2018-12022</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1671098">https://bugzilla.redhat.com/show_bug.cgi?id=1671098</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a">https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2052">https://github.com/FasterXML/jackson-databind/issues/2052</a><br><a href="https://github.com/advisories/GHSA-cjjf-94ff-43w7">https://github.com/advisories/GHSA-cjjf-94ff-43w7</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/li
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12023 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/105659">http://www.securityfocus.com/bid/105659</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12023">https://access.redhat.com/security/cve/CVE-2018-12023</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a">https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2058">https://github.com/FasterXML/jackson-databind/issues/2058</a><br><a href="https://github.com/advisories/GHSA-6wqp-v4v6-c87c">https://github.com/advisories/GHSA-6wqp-v4v6-c87c</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/">https://lists.fedoraproject.org/ar
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-5968 | HIGH | 2.8.4 | 2.7.9.5, 2.8.11.1, 2.9.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1525">https://access.redhat.com/errata/RHSA-2018:1525</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-5968">https://access.redhat.com/security/cve/CVE-2018-5968</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1899">https://github.com/FasterXML/jackson-databind/issues/1899</a><br><a href="https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05">https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05</a><br><a href="https://github.com/advisories/GHSA-w3f4-3q6j-rh82">https://github.com/advisories/GHSA-w3f4-3q6j-rh82</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-5968">https://nvd.nist.gov/vuln/detail/CVE-2018-5968</a><br><a href="https://security.netapp.com/advisory/ntap-20180423-0002/">https://security.netapp.com/advisory/ntap-20180423-0002/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4114">https://www.debian.org/security/2018/dsa-4114</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12086 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9 | <details><summary>Expand...</summary><a href="http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/">http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/</a><br><a href="http://www.securityfocus.com/bid/109227">http://www.securityfocus.com/bid/109227</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12086">https://access.redhat.com/security/cve/CVE-2019-12086</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2326">https://github.com/FasterXML/jackson-databind/issues/2326</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9</a><br><a href="https://github.com/advisories/GHSA-5ww9-j83m-q7qx">https://github.com/advisories/GHSA-5ww9-j83m-q7qx</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925a
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14439 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14439">https://access.redhat.com/security/cve/CVE-2019-14439</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b">https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2389">https://github.com/FasterXML/jackson-databind/issues/2389</a><br><a href="https://github.com/advisories/GHSA-gwp4-hfv6-p7hw">https://github.com/advisories/GHSA-gwp4-hfv6-p7hw</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E">https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-10969 | HIGH | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-10969">https://access.redhat.com/security/cve/CVE-2020-10969</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2642">https://github.com/FasterXML/jackson-databind/issues/2642</a><br><a href="https://github.com/advisories/GHSA-758m-v56v-grj4">https://github.com/advisories/GHSA-758m-v56v-grj4</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html">https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-10969">https://nvd.nist.gov/vuln/detail/CVE-2020-10969</a><br><a href="https://security.netapp.com/advisory/ntap-20200403-0002/">https://security.netapp.com/advisory/ntap-20200403-0002/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35490 | HIGH | 2.8.4 | 2.9.10.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-35490">https://access.redhat.com/security/cve/CVE-2020-35490</a><br><a href="https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d">https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2986">https://github.com/FasterXML/jackson-databind/issues/2986</a><br><a href="https://github.com/advisories/GHSA-wh8g-3j2c-rqj5">https://github.com/advisories/GHSA-wh8g-3j2c-rqj5</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-35490">https://nvd.nist.gov/vuln/detail/CVE-2020-35490</a><br><a href="https://security.netapp.com/advisory/ntap-20210122-0005/">https://security.netapp.com/advisory/ntap-20210122-0005/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35491 | HIGH | 2.8.4 | 2.9.10.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-35491">https://access.redhat.com/security/cve/CVE-2020-35491</a><br><a href="https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d">https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2986">https://github.com/FasterXML/jackson-databind/issues/2986</a><br><a href="https://github.com/advisories/GHSA-r3gr-cxrf-hg25">https://github.com/advisories/GHSA-r3gr-cxrf-hg25</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-35491">https://nvd.nist.gov/vuln/detail/CVE-2020-35491</a><br><a href="https://security.netapp.com/advisory/ntap-20210122-0005/">https://security.netapp.com/advisory/ntap-20210122-0005/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.8.4 | 2.12.6.1, 2.13.2.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-36518">https://access.redhat.com/security/cve/CVE-2020-36518</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b">https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2816">https://github.com/FasterXML/jackson-databind/issues/2816</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13</a><br><a href="https://github.com/advisories/GHSA-57j2-w4cx-62h2">https://github.com/advisories/GHSA-57j2-w4cx-62h2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-36518">https://nvd.nist.gov/vuln/detail/CVE-2020-36518</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-1000873 | MEDIUM | 2.8.4 | 2.9.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-1000873">https://access.redhat.com/security/cve/CVE-2018-1000873</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1665601">https://bugzilla.redhat.com/show_bug.cgi?id=1665601</a><br><a href="https://github.com/FasterXML/jackson-modules-java8/issues/90">https://github.com/FasterXML/jackson-modules-java8/issues/90</a><br><a href="https://github.com/FasterXML/jackson-modules-java8/pull/87">https://github.com/FasterXML/jackson-modules-java8/pull/87</a><br><a href="https://github.com/advisories/GHSA-h4x4-5qp2-wp46">https://github.com/advisories/GHSA-h4x4-5qp2-wp46</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1000873">https://nvd.nist.gov/vuln/detail/CVE-2018-1000873</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0004/">https://security.netapp.com/advisory/ntap-20200904-0004/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12384 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:1820">https://access.redhat.com/errata/RHSA-2019:1820</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2720">https://access.redhat.com/errata/RHSA-2019:2720</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4352">https://access.redhat.com/errata/RHSA-2019:4352</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12384">https://access.redhat.com/security/cve/CVE-2019-12384</a><br><a href="https://blog.doyensec.com/2019/07/22/jackson-gadgets.html">https://blog.doyensec.com/2019/07/22/jackson-gadgets.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384</a><br><a href="https://doyensec.com/research.html">https://doyensec.com/research.html</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234">https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad">https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2334">https://github.com/FasterXML/jackson-databind/issues/2334</a><br><a href="https://github.com/advisories/GHSA-mph4-vhrx-mv67">https://github.com/advisories/GHSA-mph4-vhrx-mv67</a><br><a href="https://linux.oracle.com/cve/CVE-2019-12384.html">https://linux.oracle.com/cve/CVE-2019-12384.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2720.html">https://linux.oracle.com/errata/ELSA-2019-2720.html</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12814 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12814">https://access.redhat.com/security/cve/CVE-2019-12814</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5">https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2341">https://github.com/FasterXML/jackson-databind/issues/2341</a><br><a href="https://github.com/advisories/GHSA-cmfg-87vq-g5g4">https://github.com/advisories/GHSA-cmfg-87vq-g5g4</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper
| com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.193 | 2.0.202 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23463">https://access.redhat.com/security/cve/CVE-2021-23463</a><br><a href="https://github.com/advisories/GHSA-7rpj-hg47-cx62">https://github.com/advisories/GHSA-7rpj-hg47-cx62</a><br><a href="https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3">https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3</a><br><a href="https://github.com/h2database/h2database/issues/3195">https://github.com/h2database/h2database/issues/3195</a><br><a href="https://github.com/h2database/h2database/pull/3199">https://github.com/h2database/h2database/pull/3199</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23463">https://nvd.nist.gov/vuln/detail/CVE-2021-23463</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238">https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238</a><br></details> |
| com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.193 | 2.0.206 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42392">https://access.redhat.com/security/cve/CVE-2021-42392</a><br><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/">https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42392">https://nvd.nist.gov/vuln/detail/CVE-2021-42392</a><br><a href="https://security.netapp.com/advisory/ntap-20220119-0001/">https://security.netapp.com/advisory/ntap-20220119-0001/</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br></details> |
| com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.193 | 2.1.210 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html</a><br><a href="http://seclists.org/fulldisclosure/2022/Jan/39">http://seclists.org/fulldisclosure/2022/Jan/39</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-23221">https://access.redhat.com/security/cve/CVE-2022-23221</a><br><a href="https://github.com/advisories/GHSA-45hx-wfhj-473x">https://github.com/advisories/GHSA-45hx-wfhj-473x</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.1.210">https://github.com/h2database/h2database/releases/tag/version-2.1.210</a><br><a href="https://github.com/h2database/h2database/security/advisories">https://github.com/h2database/h2database/security/advisories</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23221">https://nvd.nist.gov/vuln/detail/CVE-2022-23221</a><br><a href="https://twitter.com/d0nkey_man/status/1483824727936450564">https://twitter.com/d0nkey_man/status/1483824727936450564</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br></details> |
| com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.193 | 2.0.206 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br></details> |
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.4 | 2.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-29425">https://access.redhat.com/security/cve/CVE-2021-29425</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425</a><br><a href="https://github.com/advisories/GHSA-gwrp-pvrq-jmwv">https://github.com/advisories/GHSA-gwrp-pvrq-jmwv</a><br><a href="https://issues.apache.org/jira/browse/IO-556">https://issues.apache.org/jira/browse/IO-556</a><br><a href="https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E">https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E">https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thre
| org.apache.httpcomponents:httpclient | CVE-2020-13956 | MEDIUM | 4.5.2 | 4.5.13 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-13956">https://access.redhat.com/security/cve/CVE-2020-13956</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1886587">https://bugzilla.redhat.com/show_bug.cgi?id=1886587</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956</a><br><a href="https://github.com/advisories/GHSA-7r82-7xv7-xcpj">https://github.com/advisories/GHSA-7r82-7xv7-xcpj</a><br><a href="https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E">https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E">https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E">https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E">https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%
| org.apache.logging.log4j:log4j-core | CVE-2017-5645 | CRITICAL | 2.4.1 | 2.8.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2019/12/19/2">http://www.openwall.com/lists/oss-security/2019/12/19/2</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/97702">http://www.securityfocus.com/bid/97702</a><br><a href="http://www.securitytracker.com/id/1040200">http://www.securitytracker.com/id/1040200</a><br><a href="http://www.securitytracker.com/id/1041294">http://www.securitytracker.com/id/1041294</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1417">https://access.redhat.com/errata/RHSA-2017:1417</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1801">https://access.redhat.com/errata/RHSA-2017:1801</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1802">https://access.redhat.com/errata/RHSA-2017:1802</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2423">https://access.redhat.com/errata/RHSA-2017:2423</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2633">https://access.redhat.com/errata/RHSA-2017:2633</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2635">https://access.redhat.com/errata/RHSA-2017:2635</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2636">https://access.redhat.com/errata/RHSA-2017:2636</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2637">https://access.redhat.com/errata/RHSA-2017:2637</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2638">https://access.redhat.com/errata/RHSA-2017:2638</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2808">https://access.redhat.com/errata/RHSA-2017:2808</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2809">https://access.redhat.com/errata/RHSA-2017:2809</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2810">https://access.redhat.com/errata/RHSA-2017:2810</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2811">https://access.redhat.com/errata/RHSA-2017:2811</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2888">https://access.redhat.com/errata/RHSA-2017:2888</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2889">https://access.redhat.com/errata/RHSA-2017:2889</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3244">https://access.redhat.com/errata/RHSA-2017:3244</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3399">https://access.redhat.com/errata/RHSA-2017:3399</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3400">https://access.redhat.com/errata/RHSA-2017:3400</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1545">https://access.redhat.com/errata/RHSA-2019:1545</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5645">https://access.redhat.com/security/cve/CVE-2017-5645</a><br><a href="https://github.com/advisories/GHSA-fxph-q3j8-mv87">https://github.com/advisories/GHSA-fxph-q3j8-mv87</a><br><a href="https://issues.apache.org/jira/browse/LOG4J2-1863">https://issues.apache.org/jira/browse/LOG4J2-1863</a><br><a href="https://linux.oracle.com/cve/CVE-2017-5645.html">https://linux.oracle.com/cve/CVE-2017-5645.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2017-2423.html">https://linux.oracle.com/errata/ELSA-2017-2423.html</a><br><a href="https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.
| org.apache.logging.log4j:log4j-core | CVE-2021-44228 | CRITICAL | 2.4.1 | 2.12.2, 2.3.1, 2.15.0 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html</a><br><a href="http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html">http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html</a><br><a href="http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html">http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html</a><br><a href="http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html</a><br><a href="http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html">http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html</a><br><a href="http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html">http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html</a><br><a href="http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html</a><br><a href="http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html">http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html</a><br><a href="http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html">http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html</a><br><a href="http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html">http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html</a><br><a href="http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html">http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html</a><br><a href="http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html</a><br><a href="http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html</a><br><a href="http://seclists.org/fulldisclosure/2022/Mar/23">http://seclists.org/fulldisclosure/2022/Mar/23</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/10/1">http://www.openwall.com/lists/oss-security/2021/12/10/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/10/2">http://www.openwall.com/lists/oss-security/2021/12/10/2</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/10/3">http://www.openwall.com/lists/oss-security/2021/12/10/3</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/13/1">http://www.openwall.com/lists/oss-security/2021/12/13/1</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/13/2">http://www.openwall.com/lists/oss-security/2021/12/13/2</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/14/4">http://www.openwall.com/lists/oss-security/2021/12/14/4</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/15/3">http://www.openwall.com/lists/oss-security/2021/12/15/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-44228">https://access.redhat.com/security/cve/CVE-2021-44228</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pd
| org.apache.logging.log4j:log4j-core | CVE-2021-45046 | CRITICAL | 2.4.1 | 2.12.2, 2.16.0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/12/14/4">http://www.openwall.com/lists/oss-security/2021/12/14/4</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/15/3">http://www.openwall.com/lists/oss-security/2021/12/15/3</a><br><a href="http://www.openwall.com/lists/oss-security/2021/12/18/1">http://www.openwall.com/lists/oss-security/2021/12/18/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-44228">https://access.redhat.com/security/cve/CVE-2021-44228</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-45046">https://access.redhat.com/security/cve/CVE-2021-45046</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046</a><br><a href="https://github.com/advisories/GHSA-7rjr-3q55-vv33">https://github.com/advisories/GHSA-7rjr-3q55-vv33</a><br><a href="https://github.com/advisories/GHSA-jfh8-c2jp-5v3q">https://github.com/advisories/GHSA-jfh8-c2jp-5v3q</a><br><a href="https://issues.apache.org/jira/browse/LOG4J2-3221">https://issues.apache.org/jira/browse/LOG4J2-3221</a><br><a href="https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tltolv88f">https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tltolv88f</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/</a><br><a href="https://logging.apache.org/log4j/2.x/security.html">https://logging.apache.org/log4j/2.x/security.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-45046">https://nvd.nist.gov/vuln/detail/CVE-2021-45046</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd</a><br><a href="https://ubuntu.com/security/notices/USN-5197-1">https://ubuntu.com/security/notices/USN-5197-1</a><br><a href="https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell">https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell</a><br><a href="https://www.cve.org/CVERecord?id=CVE-2021-44228">https://www.cve.org/CVERecord?id=CVE-2021-44228</a><br><a href="https://www.cve.org/CVERecord?id=CVE-2021-45046">https://www.cve.org/CVERecord?id=CVE-2021-45046</a><br><a href="https://www.debian.org/security/2021/dsa-5022">https://www.debian.org/security/2021/dsa-5022</a><br><a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html">https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html</a><br><a href="https://www.kb.cert.org/vuls/id/930724">https://www.kb.cert.org/vuls/id/930724</a><br><a href="https://www.openwall.com/lists/oss-security/2021/12/14/4">https://www.openwall
| org.apache.logging.log4j:log4j-core | CVE-2021-45105 | HIGH | 2.4.1 | 2.17.0, 2.12.3 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/12/19/1">http://www.openwall.com/lists/oss-security/2021/12/19/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-45105">https://access.redhat.com/security/cve/CVE-2021-45105</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105</a><br><a href="https://github.com/advisories/GHSA-p6xc-xr62-6r2g">https://github.com/advisories/GHSA-p6xc-xr62-6r2g</a><br><a href="https://issues.apache.org/jira/browse/LOG4J2-3230">https://issues.apache.org/jira/browse/LOG4J2-3230</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/</a><br><a href="https://logging.apache.org/log4j/2.x/security.html">https://logging.apache.org/log4j/2.x/security.html</a><br><a href="https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105">https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-45105">https://nvd.nist.gov/vuln/detail/CVE-2021-45105</a><br><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032">https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032</a><br><a href="https://security.netapp.com/advisory/ntap-20211218-0001/">https://security.netapp.com/advisory/ntap-20211218-0001/</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd</a><br><a href="https://ubuntu.com/security/notices/USN-5203-1">https://ubuntu.com/security/notices/USN-5203-1</a><br><a href="https://ubuntu.com/security/notices/USN-5222-1">https://ubuntu.com/security/notices/USN-5222-1</a><br><a href="https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell">https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell</a><br><a href="https://www.cve.org/CVERecord?id=CVE-2021-45105">https://www.cve.org/CVERecord?id=CVE-2021-45105</a><br><a href="https://www.debian.org/security/2021/dsa-5024">https://www.debian.org/security/2021/dsa-5024</a><br><a href="https://www.kb.cert.org/vuls/id/930724">https://www.kb.cert.org/vuls/id/930724</a><br><a href="https://www.openwall.com/lists/oss-security/2021/12/19/1">https://www.openwall.com/lists/oss-security/2021/12/19/1</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.zerodayinitiative.com/advisories/ZDI-21-1541/">https://www.zerodayinitiative.com/advisories/ZDI-21-1541/</a><br></details> |
| org.apache.logging.log4j:log4j-core | CVE-2021-44832 | MEDIUM | 2.4.1 | 2.17.1, 2.12.4, 2.3.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/12/28/1">http://www.openwall.com/lists/oss-security/2021/12/28/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-44832">https://access.redhat.com/security/cve/CVE-2021-44832</a><br><a href="https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf">https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832</a><br><a href="https://github.com/advisories/GHSA-8489-44mv-ggj8">https://github.com/advisories/GHSA-8489-44mv-ggj8</a><br><a href="https://github.com/apache/logging-log4j2/commit/05db5f9527254632b59aed2a1d78a32c5ab74f16">https://github.com/apache/logging-log4j2/commit/05db5f9527254632b59aed2a1d78a32c5ab74f16</a><br><a href="https://issues.apache.org/jira/browse/LOG4J2-3293">https://issues.apache.org/jira/browse/LOG4J2-3293</a><br><a href="https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143">https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html">https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-44832">https://nvd.nist.gov/vuln/detail/CVE-2021-44832</a><br><a href="https://security.netapp.com/advisory/ntap-20220104-0001/">https://security.netapp.com/advisory/ntap-20220104-0001/</a><br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd</a><br><a href="https://ubuntu.com/security/notices/USN-5222-1">https://ubuntu.com/security/notices/USN-5222-1</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |
| org.apache.logging.log4j:log4j-core | CVE-2020-9488 | LOW | 2.4.1 | 2.13.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9488">https://access.redhat.com/security/cve/CVE-2020-9488</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488</a><br><a href="https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)">https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)</a><br><a href="https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)">https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)</a><br><a href="https://github.com/advisories/GHSA-vwqq-5vrc-xw9h">https://github.com/advisories/GHSA-vwqq-5vrc-xw9h</a><br><a href="https://issues.apache.org/jira/browse/LOG4J2-2819">https://issues.apache.org/jira/browse/LOG4J2-2819</a><br><a href="https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E">https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E">https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5648 | CRITICAL | 8.5.6 | 7.0.76, 8.0.42, 8.5.12, 9.0.1 | <details><summary>Expand...</summary><a href="http://www.debian.org/security/2017/dsa-3842">http://www.debian.org/security/2017/dsa-3842</a><br><a href="http://www.debian.org/security/2017/dsa-3843">http://www.debian.org/security/2017/dsa-3843</a><br><a href="http://www.openwall.com/lists/oss-security/2017/04/10/23">http://www.openwall.com/lists/oss-security/2017/04/10/23</a><br><a href="http://www.openwall.com/lists/oss-security/2020/07/20/8">http://www.openwall.com/lists/oss-security/2020/07/20/8</a><br><a href="http://www.securityfocus.com/bid/97530">http://www.securityfocus.com/bid/97530</a><br><a href="http://www.securitytracker.com/id/1038220">http://www.securitytracker.com/id/1038220</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1801">https://access.redhat.com/errata/RHSA-2017:1801</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1802">https://access.redhat.com/errata/RHSA-2017:1802</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1809">https://access.redhat.com/errata/RHSA-2017:1809</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5648">https://access.redhat.com/security/cve/CVE-2017-5648</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648</a><br><a href="https://linux.oracle.com/cve/CVE-2017-5648.html">https://linux.oracle.com/cve/CVE-2017-5648.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2017-1809.html">https://linux.oracle.com/errata/ELSA-2017-1809.html</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5651 | CRITICAL | 8.5.6 | 8.5.13, 9.0.1 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html">http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html</a><br><a href="http://www.securityfocus.com/bid/97544">http://www.securityfocus.com/bid/97544</a><br><a href="http://www.securitytracker.com/id/1038219">http://www.securitytracker.com/id/1038219</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5651">https://access.redhat.com/security/cve/CVE-2017-5651</a><br><a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=60918">https://bz.apache.org/bugzilla/show_bug.cgi?id=60918</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-5651">https://nvd.nist.gov/vuln/detail/CVE-2017-5651</a><br><a href="https://security.gentoo.org/glsa/201705-09">https://security.gentoo.org/glsa/201705-09</a><br><a href="https://security.netapp.com/advisory/ntap-20180614-0001/">https://security.netapp.com/advisory/ntap-20180614-0001/</a><br></details> |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8014 | CRITICAL | 8.5.6 | 9.0.9, 9.0.9, 9.0.9, 9.0.9, 8.0.53, 7.0.88 | <details><summary>Expand...</summary><a href="http://tomcat.apache.org/security-7.html">http://tomcat.apache.org/security-7.html</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.89">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.89</a><br><a href="http://tomcat.apache.org/security-8.html">http://tomcat.apache.org/security-8.html</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32</a><br><a href="http://tomcat.apache.org/security-9.html">http://tomcat.apache.org/security-9.html</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.9">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.9</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/104203">http://www.securityfocus.com/bid/104203</a><br><a href="http://www.securitytracker.com/id/1040998">http://www.securitytracker.com/id/1040998</a><br><a href="http://www.securitytracker.com/id/1041888">http://www.securitytracker.com/id/1041888</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2469">https://access.redhat.com/errata/RHSA-2018:2469</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2470">https://access.redhat.com/errata/RHSA-2018:2470</a><br><a href="https://access.redhat.com/errata/RHSA-2018:3768">https://access.redhat.com/errata/RHSA-2018:3768</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0450">https://access.redhat.com/errata/RHSA-2019:0450</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0451">https://access.redhat.com/errata/RHSA-2019:0451</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1529">https://access.redhat.com/errata/RHSA-2019:1529</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2205">https://access.redhat.com/errata/RHSA-2019:2205</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-8014">https://access.redhat.com/security/cve/CVE-2018-8014</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014</a><br><a href="https://github.com/advisories/GHSA-r4x2-3cq5-hqvp">https://github.com/advisories/GHSA-r4x2-3cq5-hqvp</a><br><a href="https://linux.oracle.com/cve/CVE-2018-8014.html">https://linux.oracle.com/cve/CVE-2018-8014.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2205.html">https://linux.oracle.com/errata/ELSA-2019-2205.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf9
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-1938 | CRITICAL | 8.5.6 | 9.0.31, 9.0.31, 9.0.31, 7.0.100 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html">http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html</a><br><a href="http://support.blackberry.com/kb/articleDetail?articleNumber=000062739">http://support.blackberry.com/kb/articleDetail?articleNumber=000062739</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-1938">https://access.redhat.com/security/cve/CVE-2020-1938</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938</a><br><a href="https://github.com/advisories/GHSA-c9hw-wf7x-jp9j">https://github.com/advisories/GHSA-c9hw-wf7x-jp9j</a><br><a href="https://linux.oracle.com/cve/CVE-2020-1938.html">https://linux.oracle.com/cve/CVE-2020-1938.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-0912.html">https://linux.oracle.com/errata/ELSA-2020-0912.html</a><br><a href="https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thre
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2016-8745 | HIGH | 8.5.6 | 7.0.75, 8.0.41, 8.5.9, 9.0.1 | <details><summary>Expand...</summary><a href="http://rhn.redhat.com/errata/RHSA-2017-0457.html">http://rhn.redhat.com/errata/RHSA-2017-0457.html</a><br><a href="http://rhn.redhat.com/errata/RHSA-2017-0527.html">http://rhn.redhat.com/errata/RHSA-2017-0527.html</a><br><a href="http://www.debian.org/security/2017/dsa-3754">http://www.debian.org/security/2017/dsa-3754</a><br><a href="http://www.debian.org/security/2017/dsa-3755">http://www.debian.org/security/2017/dsa-3755</a><br><a href="http://www.openwall.com/lists/oss-security/2016/12/12/1">http://www.openwall.com/lists/oss-security/2016/12/12/1</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html</a><br><a href="http://www.securityfocus.com/bid/94828">http://www.securityfocus.com/bid/94828</a><br><a href="http://www.securitytracker.com/id/1037432">http://www.securitytracker.com/id/1037432</a><br><a href="https://access.redhat.com/errata/RHSA-2017:0455">https://access.redhat.com/errata/RHSA-2017:0455</a><br><a href="https://access.redhat.com/errata/RHSA-2017:0456">https://access.redhat.com/errata/RHSA-2017:0456</a><br><a href="https://access.redhat.com/errata/RHSA-2017:0935">https://access.redhat.com/errata/RHSA-2017:0935</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-8745">https://access.redhat.com/security/cve/CVE-2016-8745</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745</a><br><a href="https://linux.oracle.com/cve/CVE-2016-8745.html">https://linux.oracle.com/cve/CVE-2016-8745.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2017-0935.html">https://linux.oracle.com/errata/ELSA-2017-0935.html</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E">https://lists.apache.o
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-12617 | HIGH | 8.5.6 | 7.0.52, 7.0.78, 7.0.82, 8.0.3, 8.0.5, 8.0.8, 8.0.47, 8.5.23, 9.0.1 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.securityfocus.com/bid/100954">http://www.securityfocus.com/bid/100954</a><br><a href="http://www.securitytracker.com/id/1039552">http://www.securitytracker.com/id/1039552</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3080">https://access.redhat.com/errata/RHSA-2017:3080</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3081">https://access.redhat.com/errata/RHSA-2017:3081</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3113">https://access.redhat.com/errata/RHSA-2017:3113</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3114">https://access.redhat.com/errata/RHSA-2017:3114</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0268">https://access.redhat.com/errata/RHSA-2018:0268</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0269">https://access.redhat.com/errata/RHSA-2018:0269</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0270">https://access.redhat.com/errata/RHSA-2018:0270</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0271">https://access.redhat.com/errata/RHSA-2018:0271</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0275">https://access.redhat.com/errata/RHSA-2018:0275</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0465">https://access.redhat.com/errata/RHSA-2018:0465</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0466">https://access.redhat.com/errata/RHSA-2018:0466</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-12617">https://access.redhat.com/security/cve/CVE-2017-12617</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617</a><br><a href="https://linux.oracle.com/cve/CVE-2017-12617.html">https://linux.oracle.com/cve/CVE-2017-12617.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2017-3081.html">https://linux.oracle.com/errata/ELSA-2017-3081.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https:/
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5650 | HIGH | 8.5.6 | 8.5.13, 9.0.1 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html">http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html</a><br><a href="http://www.securityfocus.com/bid/97531">http://www.securityfocus.com/bid/97531</a><br><a href="http://www.securitytracker.com/id/1038217">http://www.securitytracker.com/id/1038217</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5650">https://access.redhat.com/security/cve/CVE-2017-5650</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-5650">https://nvd.nist.gov/vuln/detail/CVE-2017-5650</a><br><a href="https://security.gentoo.org/glsa/201705-09">https://security.gentoo.org/glsa/201705-09</a><br><a href="https://security.netapp.com/advisory/ntap-20180614-0001/">https://security.netapp.com/advisory/ntap-20180614-0001/</a><br></details> |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5664 | HIGH | 8.5.6 | 7.0.52, 7.0.78, 8.0.8, 8.0.44, 8.5.15, 9.0.1 | <details><summary>Expand...</summary><a href="http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch">http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch</a><br><a href="http://www.debian.org/security/2017/dsa-3891">http://www.debian.org/security/2017/dsa-3891</a><br><a href="http://www.debian.org/security/2017/dsa-3892">http://www.debian.org/security/2017/dsa-3892</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html</a><br><a href="http://www.securityfocus.com/bid/98888">http://www.securityfocus.com/bid/98888</a><br><a href="http://www.securitytracker.com/id/1038641">http://www.securitytracker.com/id/1038641</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1801">https://access.redhat.com/errata/RHSA-2017:1801</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1802">https://access.redhat.com/errata/RHSA-2017:1802</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1809">https://access.redhat.com/errata/RHSA-2017:1809</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2493">https://access.redhat.com/errata/RHSA-2017:2493</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2494">https://access.redhat.com/errata/RHSA-2017:2494</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2633">https://access.redhat.com/errata/RHSA-2017:2633</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2635">https://access.redhat.com/errata/RHSA-2017:2635</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2636">https://access.redhat.com/errata/RHSA-2017:2636</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2637">https://access.redhat.com/errata/RHSA-2017:2637</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2638">https://access.redhat.com/errata/RHSA-2017:2638</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3080">https://access.redhat.com/errata/RHSA-2017:3080</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5664">https://access.redhat.com/security/cve/CVE-2017-5664</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664</a><br><a href="https://linux.oracle.com/cve/CVE-2017-5664.html">https://linux.oracle.com/cve/CVE-2017-5664.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2017-3080.html">https://linux.oracle.com/errata/ELSA-2017-3080.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-7675 | HIGH | 8.5.6 | 8.5.16, 9.0.1 | <details><summary>Expand...</summary><a href="http://www.debian.org/security/2017/dsa-3974">http://www.debian.org/security/2017/dsa-3974</a><br><a href="http://www.securityfocus.com/bid/100256">http://www.securityfocus.com/bid/100256</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7675">https://access.redhat.com/security/cve/CVE-2017-7675</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7675">https://nvd.nist.gov/vuln/detail/CVE-2017-7675</a><br><a href="https://security.netapp.com/advisory/ntap-20180614-0003/">https://security.netapp.com/advisory/ntap-20180614-0003/</a><br><a href="https://tomcat.apache.org/security-8.html">https://tomcat.apache.org/security-8.html</a><br></details> |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1336 | HIGH | 8.5.6 | 9.0.8, 9.0.8, 9.0.8, 9.0.8, 8.0.51, 7.0.87 | <details><summary>Expand...</summary><a href="http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E">http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E</a><br><a href="http://www.securityfocus.com/bid/104898">http://www.securityfocus.com/bid/104898</a><br><a href="http://www.securitytracker.com/id/1041375">http://www.securitytracker.com/id/1041375</a><br><a href="https://access.redhat.com/errata/RHEA-2018:2188">https://access.redhat.com/errata/RHEA-2018:2188</a><br><a href="https://access.redhat.com/errata/RHEA-2018:2189">https://access.redhat.com/errata/RHEA-2018:2189</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2700">https://access.redhat.com/errata/RHSA-2018:2700</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2701">https://access.redhat.com/errata/RHSA-2018:2701</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2740">https://access.redhat.com/errata/RHSA-2018:2740</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2741">https://access.redhat.com/errata/RHSA-2018:2741</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2742">https://access.redhat.com/errata/RHSA-2018:2742</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2743">https://access.redhat.com/errata/RHSA-2018:2743</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2921">https://access.redhat.com/errata/RHSA-2018:2921</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2930">https://access.redhat.com/errata/RHSA-2018:2930</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2945">https://access.redhat.com/errata/RHSA-2018:2945</a><br><a href="https://access.redhat.com/errata/RHSA-2018:3768">https://access.redhat.com/errata/RHSA-2018:3768</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1336">https://access.redhat.com/security/cve/CVE-2018-1336</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336</a><br><a href="https://github.com/advisories/GHSA-m59c-jpc8-m2x4">https://github.com/advisories/GHSA-m59c-jpc8-m2x4</a><br><a href="https://linux.oracle.com/cve/CVE-2018-1336.html">https://linux.oracle.com/cve/CVE-2018-1336.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2018-2921.html">https://linux.oracle.com/errata/ELSA-2018-2921.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8034 | HIGH | 8.5.6 | 9.0.10, 9.0.10, 9.0.10, 9.0.10, 8.0.53, 7.0.90 | <details><summary>Expand...</summary><a href="http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283@minotaur.apache.org%3E">http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283@minotaur.apache.org%3E</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/104895">http://www.securityfocus.com/bid/104895</a><br><a href="http://www.securitytracker.com/id/1041374">http://www.securitytracker.com/id/1041374</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0130">https://access.redhat.com/errata/RHSA-2019:0130</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0131">https://access.redhat.com/errata/RHSA-2019:0131</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0450">https://access.redhat.com/errata/RHSA-2019:0450</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0451">https://access.redhat.com/errata/RHSA-2019:0451</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1159">https://access.redhat.com/errata/RHSA-2019:1159</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1160">https://access.redhat.com/errata/RHSA-2019:1160</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1161">https://access.redhat.com/errata/RHSA-2019:1161</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1162">https://access.redhat.com/errata/RHSA-2019:1162</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1529">https://access.redhat.com/errata/RHSA-2019:1529</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2205">https://access.redhat.com/errata/RHSA-2019:2205</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-8034">https://access.redhat.com/security/cve/CVE-2018-8034</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034</a><br><a href="https://github.com/advisories/GHSA-46j3-r4pj-4835">https://github.com/advisories/GHSA-46j3-r4pj-4835</a><br><a href="https://linux.oracle.com/cve/CVE-2018-8034.html">https://linux.oracle.com/cve/CVE-2018-8034.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2205.html">https://linux.oracle.com/errata/ELSA-2019-2205.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">ht
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0199 | HIGH | 8.5.6 | 9.0.16, 9.0.16 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html</a><br><a href="http://www.securityfocus.com/bid/107674">http://www.securityfocus.com/bid/107674</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3929">https://access.redhat.com/errata/RHSA-2019:3929</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3931">https://access.redhat.com/errata/RHSA-2019:3931</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-0199">https://access.redhat.com/security/cve/CVE-2019-0199</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199</a><br><a href="https://github.com/advisories/GHSA-qcxh-w3j9-58qr">https://github.com/advisories/GHSA-qcxh-w3j9-58qr</a><br><a href="https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600@%3Cannounce.tomcat.apache.org%3
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0232 | HIGH | 8.5.6 | 9.0.17, 9.0.17, 9.0.17, 7.0.94 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html">http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html</a><br><a href="http://seclists.org/fulldisclosure/2019/May/4">http://seclists.org/fulldisclosure/2019/May/4</a><br><a href="http://www.securityfocus.com/bid/107906">http://www.securityfocus.com/bid/107906</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1712">https://access.redhat.com/errata/RHSA-2019:1712</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-0232">https://access.redhat.com/security/cve/CVE-2019-0232</a><br><a href="https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/">https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/</a><br><a href="https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html">https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html</a><br><a href="https://github.com/advisories/GHSA-8vmx-qmch-mpqg">https://github.com/advisories/GHSA-8vmx-qmch-mpqg</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-10072 | HIGH | 8.5.6 | 8.5.40, 9.0.20 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html">http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.41">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.41</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.20">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.20</a><br><a href="http://www.securityfocus.com/bid/108874">http://www.securityfocus.com/bid/108874</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3929">https://access.redhat.com/errata/RHSA-2019:3929</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3931">https://access.redhat.com/errata/RHSA-2019:3931</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-10072">https://access.redhat.com/security/cve/CVE-2019-10072</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072</a><br><a href="https://github.com/advisories/GHSA-q4hg-rmq2-52q9">https://github.com/advisories/GHSA-q4hg-rmq2-52q9</a><br><a href="https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10072">https://nvd.nist.gov/vuln/detail/CVE-2019-10072</a><br><a href="https://security.netapp.com/advisory/ntap-20190625-0002/">https://security.netapp.com/advisory/ntap-20190625-0002/</a><br><a href="https://support.f5.com/csp/article/K17321505">https://support.f5.com/csp/article/K17321505</a><br><a href="https://ubuntu.com/security/notices/USN-4128-1">https://ubuntu.com/security/notices/USN-4128-1</a><br><a href="https://ubuntu.com/security/notices/USN-4128-2">https://ubuntu.com/security/notices/USN-4128-2</a><br><a href="https://usn.ubuntu.com/4128-1/">https://usn.ubuntu.com/4128-1/</a><br><a href="https://usn.ubuntu.com/4128-2/">https://usn.ubuntu.com/4128-2/</a><br><a href="https://www.debian.org/security/2020/dsa-4680">https://www.debian.org/security/2020/dsa-4680</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htm
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-12418 | HIGH | 8.5.6 | 7.0.99, 8.5.49, 9.0.29 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html">http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html</a><br><a href="http://mail-archives.apache.org/mod_mbox/tomcat-users/201912.mbox/%3C3f42d82c-d9e9-8893-9820-df4e420e5c4e@apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-users/201912.mbox/%3C3f42d82c-d9e9-8893-9820-df4e420e5c4e@apache.org%3E</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.49">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.49</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.29">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.29</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12418">https://access.redhat.com/security/cve/CVE-2019-12418</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418</a><br><a href="https://github.com/advisories/GHSA-hh3j-x4mc-g48r">https://github.com/advisories/GHSA-hh3j-x4mc-g48r</a><br><a href="https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html">https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-12418">https://nvd.nist.gov/vuln/detail/CVE-2019-12418</a><br><a href="https://seclists.org/bugtraq/2019/Dec/43">https://seclists.org/bugtraq/2019/Dec/43</a><br><a href="https://security.gentoo.org/glsa/202003-43">https://security.gentoo.org/glsa/202003-43</a><br><a href="https://security.netapp.com/advisory/ntap-20200107-0001/">https://security.netapp.com/advisory/ntap-20200107-0001/</a><br><a href="https://support.f5.com/csp/article/K10107360?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K10107360?utm_source=f5support&amp;amp;utm_medium=RSS</a><br><a href="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99">https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99</a><br><a href="https://ubuntu.com/security/notices/USN-4251-1">https://ubuntu.com/security/notices/USN-4251-1</a><br><a href=
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-17563 | HIGH | 8.5.6 | 7.0.99, 8.5.50, 9.0.30 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html">http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html</a><br><a href="http://mail-archives.apache.org/mod_mbox/www-announce/201912.mbox/%3C21b7a375-7297-581b-1f8e-06622d36775b@apache.org%3E">http://mail-archives.apache.org/mod_mbox/www-announce/201912.mbox/%3C21b7a375-7297-581b-1f8e-06622d36775b@apache.org%3E</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.30">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.30</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17563">https://access.redhat.com/security/cve/CVE-2019-17563</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563</a><br><a href="https://github.com/advisories/GHSA-9xcj-c8cr-8c3c">https://github.com/advisories/GHSA-9xcj-c8cr-8c3c</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17563.html">https://linux.oracle.com/cve/CVE-2019-17563.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-4004.html">https://linux.oracle.com/errata/ELSA-2020-4004.html</a><br><a href="https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E">https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html">https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html">https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17563">https://nvd.nist.gov/vuln/detail/CVE-2019-17563</a><br><a href="https://seclists.org/bugtraq/2019/Dec/43">https://seclists.org/bugtraq/2019/Dec/43</a><br><a href="https://security.gentoo.org/glsa/202003-43">https://security.gentoo.org/glsa/202003-43</a><br><a href="https://security.netapp.com/advisory/ntap-20200107-0001/">https://security.netapp.com/advisory/ntap-20200107-0001/</a><br><a href="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99">https://tomcat.apache.org/security-7.html#Fixed_in_Ap
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-13934 | HIGH | 8.5.6 | 8.5.57, 9.0.37 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html</a><br><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E</a><br><a href="http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7">http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-13934">https://access.redhat.com/security/cve/CVE-2020-13934</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934</a><br><a href="https://github.com/advisories/GHSA-vf77-8h7g-gghp">https://github.com/advisories/GHSA-vf77-8h7g-gghp</a><br><a href="https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html">https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-13934">https://nvd.nist.gov/vuln/detail/CVE-2020-13934</a><br><a href="https://security.netapp.com/advisory/ntap-20200724-0003/">https://security.netapp.com/advisory/ntap-20200724-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-4596-1">https://ubuntu.com/security/notices/USN-4596-1</a><br><a href="https://usn.ubuntu.com/4596-1/">https://usn.ubuntu.com/4596-1/</a><br><a href="https://www.debian.org/security/2020/dsa-4727">https://www.debian.org/security/2020/dsa-4727</a><br><a href="https://www.openwall.com/lists/oss-security/2020/07/14/4">https://www.openwall.com/lists/oss-security/2020/07/14/4</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-17527 | HIGH | 8.5.6 | 8.5.60, 9.0.40, 10.0.2 | <details><summary>Expand...</summary><a href="http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10">http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40</a><br><a href="http://www.openwall.com/lists/oss-security/2020/12/03/3">http://www.openwall.com/lists/oss-security/2020/12/03/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-17527">https://access.redhat.com/security/cve/CVE-2020-17527</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527</a><br><a href="https://github.com/advisories/GHSA-vvw4-rfwf-p6hx">https://github.com/advisories/GHSA-vvw4-rfwf-p6hx</a><br><a href="https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)">https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)</a><br><a href="https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)">https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)</a><br><a href="https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E">https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E">htt
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-9484 | HIGH | 8.5.6 | 7.0.104, 8.5.55, 9.0.35, 10.0.0-M5 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html">http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html</a><br><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E</a><br><a href="http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html">http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html</a><br><a href="http://seclists.org/fulldisclosure/2020/Jun/6">http://seclists.org/fulldisclosure/2020/Jun/6</a><br><a href="http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5">http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35</a><br><a href="http://www.openwall.com/lists/oss-security/2021/03/01/2">http://www.openwall.com/lists/oss-security/2021/03/01/2</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-9484">https://access.redhat.com/security/cve/CVE-2020-9484</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484</a><br><a href="https://github.com/advisories/GHSA-344f-f5vg-2jfj">https://github.com/advisories/GHSA-344f-f5vg-2jfj</a><br><a href="https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222 (9.0.35)">https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222 (9.0.35)</a><br><a href="https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06 (7.0.104)">https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06 (7.0.104)</a><br><a href="https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b (10.0.0-M5)">https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b (10.0.0-M5)</a><br><a href="https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f (8.5.55)">https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f (8.5.55)</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10332">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10332</a><br><a href="https://linux.oracle.com/cve/CVE-2020-9484.html">https://linux.oracle.com/cve/CVE-2020-9484.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-2530.html">https://linux.oracle.com/errata/ELSA-2020-2530.html</a><br><a href="https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.ht
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-25122 | HIGH | 8.5.6 | 8.5.63, 9.0.43, 10.0.2 | <details><summary>Expand...</summary><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E</a><br><a href="http://www.openwall.com/lists/oss-security/2021/03/01/1">http://www.openwall.com/lists/oss-security/2021/03/01/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-25122">https://access.redhat.com/security/cve/CVE-2021-25122</a><br><a href="https://github.com/advisories/GHSA-j39c-c8hj-x4j3">https://github.com/advisories/GHSA-j39c-c8hj-x4j3</a><br><a href="https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-25122">https://nvd.nist.gov/vuln/detail/CVE-2021-25122</a><br><a href="https://security.netapp.com/advisory/ntap-20210409-0002/">https://security.netapp.com/advisory/ntap-20210409-0002/</a><br><a href="https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2">https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2</a><br><a href="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63">https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63</a><br><a href="https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43">https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43</a><br><a href="https://www.debian.org/security/2021/dsa-4891">https://www.debian.org/security/2021/dsa-4891</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alert
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-25329 | HIGH | 8.5.6 | 7.0.108, 8.5.63, 9.0.43, 10.0.2 | <details><summary>Expand...</summary><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E</a><br><a href="http://www.openwall.com/lists/oss-security/2021/03/01/2">http://www.openwall.com/lists/oss-security/2021/03/01/2</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-25329">https://access.redhat.com/security/cve/CVE-2021-25329</a><br><a href="https://github.com/advisories/GHSA-jgwr-3qm3-26f3">https://github.com/advisories/GHSA-jgwr-3qm3-26f3</a><br><a href="https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4">https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4</a><br><a href="https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-25329">https://nvd.nist.gov/vuln/detail/CVE-2021-25329</a><br><a href="https://security.netapp.com/advisory/ntap-20210409-0002/">https://security.netapp.com/advisory/ntap-20210409-0002/</a><br><a href="https://tomcat.apache.org/security-10.
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-11784 | MEDIUM | 8.5.6 | 8.5.34, 8.5.34, 9.0.12 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html</a><br><a href="http://packetstormsecurity.com/files/163456/Apache-Tomcat-9.0.0M1-Open-Redirect.html">http://packetstormsecurity.com/files/163456/Apache-Tomcat-9.0.0M1-Open-Redirect.html</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.91">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.91</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.34">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.34</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.12">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.12</a><br><a href="http://www.securityfocus.com/bid/105524">http://www.securityfocus.com/bid/105524</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0130">https://access.redhat.com/errata/RHSA-2019:0130</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0131">https://access.redhat.com/errata/RHSA-2019:0131</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0485">https://access.redhat.com/errata/RHSA-2019:0485</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1529">https://access.redhat.com/errata/RHSA-2019:1529</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11784">https://access.redhat.com/security/cve/CVE-2018-11784</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784</a><br><a href="https://github.com/advisories/GHSA-5q99-f34m-67gc">https://github.com/advisories/GHSA-5q99-f34m-67gc</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10284">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10284</a><br><a href="https://linux.oracle.com/cve/CVE-2018-11784.html">https://linux.oracle.com/cve/CVE-2018-11784.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-1529.html">https://linux.oracle.com/errata/ELSA-2019-1529.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1304 | MEDIUM | 8.5.6 | 9.0.5, 9.0.5, 9.0.5, 9.0.5, 8.0.51, 7.0.86 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103170">http://www.securityfocus.com/bid/103170</a><br><a href="http://www.securitytracker.com/id/1040427">http://www.securitytracker.com/id/1040427</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0465">https://access.redhat.com/errata/RHSA-2018:0465</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0466">https://access.redhat.com/errata/RHSA-2018:0466</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1320">https://access.redhat.com/errata/RHSA-2018:1320</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2205">https://access.redhat.com/errata/RHSA-2019:2205</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1304">https://access.redhat.com/security/cve/CVE-2018-1304</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304</a><br><a href="https://github.com/advisories/GHSA-6rxj-58jh-436r">https://github.com/advisories/GHSA-6rxj-58jh-436r</a><br><a href="https://linux.oracle.com/cve/CVE-2018-1304.html">https://linux.oracle.com/cve/CVE-2018-1304.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2205.html">https://linux.oracle.com/errata/ELSA-2019-2205.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/845312a10aabbe2c499fca9400
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1305 | MEDIUM | 8.5.6 | 9.0.5, 9.0.5, 9.0.5, 7.0.85 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103144">http://www.securityfocus.com/bid/103144</a><br><a href="http://www.securitytracker.com/id/1040428">http://www.securitytracker.com/id/1040428</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0465">https://access.redhat.com/errata/RHSA-2018:0465</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0466">https://access.redhat.com/errata/RHSA-2018:0466</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1320">https://access.redhat.com/errata/RHSA-2018:1320</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2205">https://access.redhat.com/errata/RHSA-2019:2205</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1305">https://access.redhat.com/security/cve/CVE-2018-1305</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305</a><br><a href="https://github.com/advisories/GHSA-jx6h-3fjx-cgv5">https://github.com/advisories/GHSA-jx6h-3fjx-cgv5</a><br><a href="https://linux.oracle.com/cve/CVE-2018-1305.html">https://linux.oracle.com/cve/CVE-2018-1305.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2205.html">https://linux.oracle.com/errata/ELSA-2019-2205.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8037 | MEDIUM | 8.5.6 | 9.0.10, 9.0.10 | <details><summary>Expand...</summary><a href="http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E">http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E</a><br><a href="http://mail-archives.us.apache.org/mod_mbox/www-announce/201808.mbox/%3C0c616b4d-4e81-e7f8-b81d-1bb4c575aa33%40apache.org%3E">http://mail-archives.us.apache.org/mod_mbox/www-announce/201808.mbox/%3C0c616b4d-4e81-e7f8-b81d-1bb4c575aa33%40apache.org%3E</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/104894">http://www.securityfocus.com/bid/104894</a><br><a href="http://www.securitytracker.com/id/1041376">http://www.securitytracker.com/id/1041376</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2867">https://access.redhat.com/errata/RHSA-2018:2867</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2868">https://access.redhat.com/errata/RHSA-2018:2868</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1529">https://access.redhat.com/errata/RHSA-2019:1529</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-8037">https://access.redhat.com/security/cve/CVE-2018-8037</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037</a><br><a href="https://github.com/advisories/GHSA-6v52-mj5r-7j2m">https://github.com/advisories/GHSA-6v52-mj5r-7j2m</a><br><a href="https://linux.oracle.com/cve/CVE-2018-8037.html">https://linux.oracle.com/cve/CVE-2018-8037.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-1529.html">https://linux.oracle.com/errata/ELSA-2019-1529.html</a><br><a href="https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2ee3af8a43cb019e7898c9330cc8e73306553a27f2e4735dfb522d39@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/2ee3af8a43cb019e7898c9330cc8e73306553a27f2e4735dfb522d39@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5d15316dfb4adf75d96d394745f8037533fa3bcc1ac8f619bf5c044c@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/5d15316dfb4adf75d96d394745f8037533fa3bcc1ac8f619bf5c044c@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E</a><br><a hre
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0221 | MEDIUM | 8.5.6 | 9.0.17, 9.0.17, 9.0.17, 7.0.94 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html">http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html">http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html</a><br><a href="http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html">http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html</a><br><a href="http://seclists.org/fulldisclosure/2019/May/50">http://seclists.org/fulldisclosure/2019/May/50</a><br><a href="http://www.securityfocus.com/bid/108545">http://www.securityfocus.com/bid/108545</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3929">https://access.redhat.com/errata/RHSA-2019:3929</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3931">https://access.redhat.com/errata/RHSA-2019:3931</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-0221">https://access.redhat.com/security/cve/CVE-2019-0221</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221</a><br><a href="https://github.com/advisories/GHSA-jjpq-gp5q-8q6w">https://github.com/advisories/GHSA-jjpq-gp5q-8q6w</a><br><a href="https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html">https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html">https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/">https://lists.fedo
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-1935 | MEDIUM | 8.5.6 | 7.0.100, 8.5.51, 9.0.31 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html">http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-1935">https://access.redhat.com/security/cve/CVE-2020-1935</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935</a><br><a href="https://github.com/advisories/GHSA-qxf4-chvg-4r8r">https://github.com/advisories/GHSA-qxf4-chvg-4r8r</a><br><a href="https://linux.oracle.com/cve/CVE-2020-1935.html">https://linux.oracle.com/cve/CVE-2020-1935.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-5020.html">https://linux.oracle.com/errata/ELSA-2020-5020.html</a><br><a href="https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E">https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html">https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-1935">https://nvd.nist.gov/vuln/detail/CVE-2020-1935</a><br><a href="https://security.netapp.com/advisory/ntap-20200327-0005/">https://security.netapp.com/advisory/ntap-20200327-0005/</a><br><a href="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100">https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100</a><br><a href="https://tomcat.apache.org/s
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-24122 | MEDIUM | 8.5.6 | 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 | <details><summary>Expand...</summary><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40</a><br><a href="http://www.openwall.com/lists/oss-security/2021/01/14/1">http://www.openwall.com/lists/oss-security/2021/01/14/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-24122">https://access.redhat.com/security/cve/CVE-2021-24122</a><br><a href="https://github.com/advisories/GHSA-2rvv-w9r2-rg7m">https://github.com/advisories/GHSA-2rvv-w9r2-rg7m</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-24122">https://nvd.nist.gov/vuln/detail/CVE-2021-24122</a><br><a href="https://security.netapp.com/advisory/ntap-20210212-0008/">https://security.netapp.com/advisory/ntap-20210212-0008/</a><br></details> |
| org.apache.tomcat.embed:tomcat-embed-websocket | CVE-2020-13935 | HIGH | 8.5.6 | 7.0.105, 8.5.57, 9.0.37, 10.0.2 | <details><summary>Expand...</summary><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html</a><br><a href="http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html">http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html</a><br><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E</a><br><a href="http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7">http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-13935">https://access.redhat.com/security/cve/CVE-2020-13935</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935</a><br><a href="https://github.com/advisories/GHSA-m7jv-hq7h-mq7c">https://github.com/advisories/GHSA-m7jv-hq7h-mq7c</a><br><a href="https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10332">https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10332</a><br><a href="https://linux.oracle.com/cve/CVE-2020-13935.html">https://linux.oracle.com/cve/CVE-2020-13935.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-4004.html">https://linux.oracle.com/errata/ELSA-2020-4004.html</a><br><a href="https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html">https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-13935">https://nvd.nist.gov/vuln/detail/CVE-2020-13935</a><br><a href="https://security.netapp.com/advisory/ntap-20200724-0003/">https://security.netapp.com/advisory/ntap-20200724-0003/</a><br><a href="https://ubuntu.com/security/notices/USN-4448-1">https://ubuntu.com/security/notices/USN-4448-1</a><br><a href="https://ubuntu.com/security/notices/USN-4596-1">https://ubuntu.com/security/notices/USN-4596-1</a><br><a href="https://usn.ubuntu.com/4448-1/">https://usn.ubuntu.com/4448-1/</a><br><a href="https://usn.ubuntu.com/4596-1/">https://usn.ubuntu.com/4596-1/</a><br><a href="https://www.debian.org/security/2020/dsa-4727">https://www.debian.org/security/2020/dsa-4727</a><br><a href="https://www.openwall.com/lists/oss-security/2020/07/14/3">https://www.openwall.com/lists/oss-security/2020/07/14/3</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/securi
| org.apache.tomcat.embed:tomcat-embed-websocket | CVE-2021-24122 | MEDIUM | 8.5.6 | 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 | <details><summary>Expand...</summary><a href="http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E">http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E</a><br><a href="http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107">http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107</a><br><a href="http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60">http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60</a><br><a href="http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40">http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40</a><br><a href="http://www.openwall.com/lists/oss-security/2021/01/14/1">http://www.openwall.com/lists/oss-security/2021/01/14/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-24122">https://access.redhat.com/security/cve/CVE-2021-24122</a><br><a href="https://github.com/advisories/GHSA-2rvv-w9r2-rg7m">https://github.com/advisories/GHSA-2rvv-w9r2-rg7m</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html">https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-24122">https://nvd.nist.gov/vuln/detail/CVE-2021-24122</a><br><a href="https://security.netapp.com/advisory/ntap-20210212-0008/">https://security.netapp.com/advisory/ntap-20210212-0008/</a><br></details> |
| org.codehaus.groovy:groovy | CVE-2020-17521 | MEDIUM | 2.4.7 | 2.4.21, 2.5.14, 3.0.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-17521">https://access.redhat.com/security/cve/CVE-2020-17521</a><br><a href="https://github.com/advisories/GHSA-rcjj-h6gh-jf3r">https://github.com/advisories/GHSA-rcjj-h6gh-jf3r</a><br><a href="https://github.com/apache/groovy/commit/bcbe5c4c76db83736166530647c024ac1e47ef28">https://github.com/apache/groovy/commit/bcbe5c4c76db83736166530647c024ac1e47ef28</a><br><a href="https://github.com/apache/groovy/pull/1425">https://github.com/apache/groovy/pull/1425</a><br><a href="https://groovy-lang.org/security.html#CVE-2020-17521">https://groovy-lang.org/security.html#CVE-2020-17521</a><br><a href="https://lists.apache.org/thread.html/r4b2f13c302eec98838ff7475253091fb9b75bc1038016ba00ebf6c08@%3Cdev.atlas.apache.org%3E">https://lists.apache.org/thread.html/r4b2f13c302eec98838ff7475253091fb9b75bc1038016ba00ebf6c08@%3Cdev.atlas.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3E">https://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rea63a4666ba245d2892471307772a2d8ce0f0741f341d6576625c1b3@%3Cdev.atlas.apache.org%3E">https://lists.apache.org/thread.html/rea63a4666ba245d2892471307772a2d8ce0f0741f341d6576625c1b3@%3Cdev.atlas.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-17521">https://nvd.nist.gov/vuln/detail/CVE-2020-17521</a><br><a href="https://security.netapp.com/advisory/ntap-20201218-0006/">https://security.netapp.com/advisory/ntap-20201218-0006/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| org.hibernate:hibernate-core | CVE-2020-25638 | HIGH | 5.0.11.Final | 5.3.20.Final, 5.4.24.Final | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-25638">https://access.redhat.com/security/cve/CVE-2020-25638</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1881353">https://bugzilla.redhat.com/show_bug.cgi?id=1881353</a><br><a href="https://github.com/advisories/GHSA-j8jw-g6fq-mp7h">https://github.com/advisories/GHSA-j8jw-g6fq-mp7h</a><br><a href="https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44@%3Cdev.turbine.apache.org%3E">https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44@%3Cdev.turbine.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf2378209c676a28b71f9b604a3b3517c448540b85367160e558ef9df@%3Ccommits.turbine.apache.org%3E">https://lists.apache.org/thread.html/rf2378209c676a28b71f9b604a3b3517c448540b85367160e558ef9df@%3Ccommits.turbine.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/01/msg00000.html">https://lists.debian.org/debian-lts-announce/2021/01/msg00000.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-25638">https://nvd.nist.gov/vuln/detail/CVE-2020-25638</a><br><a href="https://www.debian.org/security/2021/dsa-4908">https://www.debian.org/security/2021/dsa-4908</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br></details> |
| org.hibernate:hibernate-validator | CVE-2017-7536 | HIGH | 5.2.4.Final | 5.2.5.Final, 5.3.6.Final, 5.4.2.Final | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/101048">http://www.securityfocus.com/bid/101048</a><br><a href="http://www.securitytracker.com/id/1039744">http://www.securitytracker.com/id/1039744</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2808">https://access.redhat.com/errata/RHSA-2017:2808</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2809">https://access.redhat.com/errata/RHSA-2017:2809</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2810">https://access.redhat.com/errata/RHSA-2017:2810</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2811">https://access.redhat.com/errata/RHSA-2017:2811</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3141">https://access.redhat.com/errata/RHSA-2017:3141</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3454">https://access.redhat.com/errata/RHSA-2017:3454</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3455">https://access.redhat.com/errata/RHSA-2017:3455</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3456">https://access.redhat.com/errata/RHSA-2017:3456</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3458">https://access.redhat.com/errata/RHSA-2017:3458</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2740">https://access.redhat.com/errata/RHSA-2018:2740</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2741">https://access.redhat.com/errata/RHSA-2018:2741</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2742">https://access.redhat.com/errata/RHSA-2018:2742</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2743">https://access.redhat.com/errata/RHSA-2018:2743</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/errata/RHSA-2018:3817">https://access.redhat.com/errata/RHSA-2018:3817</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7536">https://access.redhat.com/security/cve/CVE-2017-7536</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1465573">https://bugzilla.redhat.com/show_bug.cgi?id=1465573</a><br><a href="https://github.com/advisories/GHSA-xxgp-pcfc-3vgc">https://github.com/advisories/GHSA-xxgp-pcfc-3vgc</a><br><a href="https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b">https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b</a><br><a href="https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac">https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac</a><br><a href="https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7536">https://nvd.nist.gov/vuln/detail/CVE-2017-7536</a><br></details> |
| org.hibernate:hibernate-validator | CVE-2020-10693 | MEDIUM | 5.2.4.Final | 6.0.20.Final, 6.1.5.Final, 7.0.0.CR1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-10693">https://access.redhat.com/security/cve/CVE-2020-10693</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693</a><br><a href="https://github.com/advisories/GHSA-rmrm-75hp-phr2">https://github.com/advisories/GHSA-rmrm-75hp-phr2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-10693">https://nvd.nist.gov/vuln/detail/CVE-2020-10693</a><br><a href="https://www.ibm.com/support/pages/node/6348216">https://www.ibm.com/support/pages/node/6348216</a><br></details> |
| org.springframework.boot:spring-boot | CVE-2017-8046 | CRITICAL | 1.4.2.RELEASE | 1.5.9.RELEASE | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/100948">http://www.securityfocus.com/bid/100948</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2405">https://access.redhat.com/errata/RHSA-2018:2405</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-8046">https://access.redhat.com/security/cve/CVE-2017-8046</a><br><a href="https://jira.spring.io/browse/DATAREST-1127">https://jira.spring.io/browse/DATAREST-1127</a><br><a href="https://jira.spring.io/browse/DATAREST-1152">https://jira.spring.io/browse/DATAREST-1152</a><br><a href="https://pivotal.io/security/cve-2017-8046">https://pivotal.io/security/cve-2017-8046</a><br><a href="https://www.exploit-db.com/exploits/44289/">https://www.exploit-db.com/exploits/44289/</a><br></details> |
| org.springframework.boot:spring-boot | CVE-2018-1196 | MEDIUM | 1.4.2.RELEASE | 1.5.10.RELEASE | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-1196">https://access.redhat.com/security/cve/CVE-2018-1196</a><br><a href="https://github.com/advisories/GHSA-xx65-cc7g-9pfp">https://github.com/advisories/GHSA-xx65-cc7g-9pfp</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1196">https://nvd.nist.gov/vuln/detail/CVE-2018-1196</a><br><a href="https://pivotal.io/security/cve-2018-1196">https://pivotal.io/security/cve-2018-1196</a><br></details> |
| org.springframework.data:spring-data-commons | CVE-2018-1273 | CRITICAL | 1.12.5.RELEASE | 2.0.6.RELEASE | <details><summary>Expand...</summary><a href="http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E">http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1273">https://access.redhat.com/security/cve/CVE-2018-1273</a><br><a href="https://github.com/advisories/GHSA-4fq3-mr56-cg6r">https://github.com/advisories/GHSA-4fq3-mr56-cg6r</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1273">https://nvd.nist.gov/vuln/detail/CVE-2018-1273</a><br><a href="https://pivotal.io/security/cve-2018-1273">https://pivotal.io/security/cve-2018-1273</a><br></details> |
| org.springframework:spring-core | CVE-2018-1270 | CRITICAL | 4.3.4.RELEASE | 4.3.16, 5.0.5 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103696">http://www.securityfocus.com/bid/103696</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1270">https://access.redhat.com/security/cve/CVE-2018-1270</a><br><a href="https://bugs.launchpad.net/ubuntu/+source/saaj/+bug/1814133">https://bugs.launchpad.net/ubuntu/+source/saaj/+bug/1814133</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1270">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1270</a><br><a href="https://github.com/advisories/GHSA-p5hg-3xm3-gcjg">https://github.com/advisories/GHSA-p5hg-3xm3-gcjg</a><br><a href="https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1270">https://nvd.nist.gov/vuln/detail/CVE-2018-1270</a><br><a href="https://pivotal.io/security/cve-2018-1270">https://pivotal.io/security/cve-2018-1270</a><br><a href="https://www.exploit-db.com/exploits/44796/">https://www.exploit-db.com/exploits/44796/</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-1275 | CRITICAL | 4.3.4.RELEASE | 5.0.5, 4.3.16 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103771">http://www.securityfocus.com/bid/103771</a><br><a href="http://www.securitytracker.com/id/1041301">http://www.securitytracker.com/id/1041301</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1320">https://access.redhat.com/errata/RHSA-2018:1320</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1275">https://access.redhat.com/security/cve/CVE-2018-1275</a><br><a href="https://github.com/advisories/GHSA-3rmv-2pg5-xvqj">https://github.com/advisories/GHSA-3rmv-2pg5-xvqj</a><br><a href="https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1275">https://nvd.nist.gov/vuln/detail/CVE-2018-1275</a><br><a href="https://pivotal.io/security/cve-2018-1275">https://pivotal.io/security/cve-2018-1275</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2016-9878 | HIGH | 4.3.4.RELEASE | 4.3.5, 4.2.9, 3.2.18 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.securityfocus.com/bid/95072">http://www.securityfocus.com/bid/95072</a><br><a href="http://www.securitytracker.com/id/1040698">http://www.securitytracker.com/id/1040698</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3115">https://access.redhat.com/errata/RHSA-2017:3115</a><br><a href="https://access.redhat.com/security/cve/CVE-2016-9878">https://access.redhat.com/security/cve/CVE-2016-9878</a><br><a href="https://github.com/advisories/GHSA-2m8h-fgr8-2q9w">https://github.com/advisories/GHSA-2m8h-fgr8-2q9w</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html">https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2016-9878">https://nvd.nist.gov/vuln/detail/CVE-2016-9878</a><br><a href="https://pivotal.io/security/cve-2016-9878">https://pivotal.io/security/cve-2016-9878</a><br><a href="https://security.netapp.com/advisory/ntap-20180419-0002/">https://security.netapp.com/advisory/ntap-20180419-0002/</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-1199 | HIGH | 4.3.4.RELEASE | 5.0.3, 4.3.14 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2018:2405">https://access.redhat.com/errata/RHSA-2018:2405</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1199">https://access.redhat.com/security/cve/CVE-2018-1199</a><br><a href="https://github.com/advisories/GHSA-v596-fwhq-8x48">https://github.com/advisories/GHSA-v596-fwhq-8x48</a><br><a href="https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1199">https://nvd.nist.gov/vuln/detail/CVE-2018-1199</a><br><a href="https://pivotal.io/security/cve-2018-1199">https://pivotal.io/security/cve-2018-1199</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-1272 | HIGH | 4.3.4.RELEASE | 5.0.5, 4.3.15 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103697">http://www.securityfocus.com/bid/103697</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1320">https://access.redhat.com/errata/RHSA-2018:1320</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2669">https://access.redhat.com/errata/RHSA-2018:2669</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1272">https://access.redhat.com/security/cve/CVE-2018-1272</a><br><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/141286">https://exchange.xforce.ibmcloud.com/vulnerabilities/141286</a><br><a href="https://github.com/advisories/GHSA-4487-x383-qpph">https://github.com/advisories/GHSA-4487-x383-qpph</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1272">https://nvd.nist.gov/vuln/detail/CVE-2018-1272</a><br><a href="https://pivotal.io/security/cve-2018-1272">https://pivotal.io/security/cve-2018-1272</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-15756 | HIGH | 4.3.4.RELEASE | 4.3.20, 5.0.10, 5.1.1 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/105703">http://www.securityfocus.com/bid/105703</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-15756">https://access.redhat.com/security/cve/CVE-2018-15756</a><br><a href="https://github.com/advisories/GHSA-ffvq-7w96-97p7">https://github.com/advisories/GHSA-ffvq-7w96-97p7</a><br><a href="https://lists.apache.org/thread.html/339fd112517e4873695b5115b96acdddbfc8f83b10598528d37c7d12@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/339fd112517e4873695b5115b96acdddbfc8f83b10598528d37c7d12@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/8a1fe70534fc52ff5c9db5ac29c55657f802cbefd7e9d9850c7052bd@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/8a1fe70534fc52ff5c9db5ac29c55657f802cbefd7e9d9850c7052bd@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a3071e11c6fbd593022074ec1b4693f6d948c2b02cfa4a5d854aed68@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/a3071e11c6fbd593022074ec1b4693f6d948c2b02cfa4a5d854aed68@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bb354962cb51fff65740d5fb1bc2aac56af577c06244b57c36f98e4d@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/bb354962cb51fff65740d5fb1bc2aac56af577c06244b57c36f98e4d@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d6a84f52db89804b0ad965f3ea2b24bb880edee29107a1c5069cc3dd@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/d6a84f52db89804b0ad965f3ea2b24bb880edee29107a1c5069cc3dd@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-15756">https://nvd.nist.gov/vuln/detail/CVE-2018-15756</a><br><a href="https://pivotal.io/security/cve-2018-15756">https://pivotal.io/security/cve-2018-15756</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/
| org.springframework:spring-core | CVE-2018-11039 | MEDIUM | 4.3.4.RELEASE | 4.3.18, 5.0.7 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/107984">http://www.securityfocus.com/bid/107984</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11039">https://access.redhat.com/security/cve/CVE-2018-11039</a><br><a href="https://github.com/advisories/GHSA-9gcm-f4x3-8jpw">https://github.com/advisories/GHSA-9gcm-f4x3-8jpw</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-11039">https://nvd.nist.gov/vuln/detail/CVE-2018-11039</a><br><a href="https://pivotal.io/security/cve-2018-11039">https://pivotal.io/security/cve-2018-11039</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html">https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-11040 | MEDIUM | 4.3.4.RELEASE | 4.3.18, 5.0.7 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11040">https://access.redhat.com/security/cve/CVE-2018-11040</a><br><a href="https://github.com/advisories/GHSA-f26x-pr96-vw86">https://github.com/advisories/GHSA-f26x-pr96-vw86</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-11040">https://nvd.nist.gov/vuln/detail/CVE-2018-11040</a><br><a href="https://pivotal.io/security/cve-2018-11040">https://pivotal.io/security/cve-2018-11040</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html">https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-1257 | MEDIUM | 4.3.4.RELEASE | 4.3.17, 5.0.6 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/104260">http://www.securityfocus.com/bid/104260</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1809">https://access.redhat.com/errata/RHSA-2018:1809</a><br><a href="https://access.redhat.com/errata/RHSA-2018:3768">https://access.redhat.com/errata/RHSA-2018:3768</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1257">https://access.redhat.com/security/cve/CVE-2018-1257</a><br><a href="https://github.com/advisories/GHSA-rcpf-vj53-7h2m">https://github.com/advisories/GHSA-rcpf-vj53-7h2m</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1257">https://nvd.nist.gov/vuln/detail/CVE-2018-1257</a><br><a href="https://pivotal.io/security/cve-2018-1257">https://pivotal.io/security/cve-2018-1257</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html">https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| org.springframework:spring-core | CVE-2018-1271 | MEDIUM | 4.3.4.RELEASE | 4.3.15, 5.0.5 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103699">http://www.securityfocus.com/bid/103699</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1320">https://access.redhat.com/errata/RHSA-2018:1320</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2669">https://access.redhat.com/errata/RHSA-2018:2669</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1271">https://access.redhat.com/security/cve/CVE-2018-1271</a><br><a href="https://github.com/advisories/GHSA-g8hw-794c-4j9g">https://github.com/advisories/GHSA-g8hw-794c-4j9g</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1271">https://nvd.nist.gov/vuln/detail/CVE-2018-1271</a><br><a href="https://pivotal.io/security/cve-2018-1271">https://pivotal.io/security/cve-2018-1271</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |