2021-12-05 00:50:14 +00:00
---
hide:
- toc
---
2021-12-05 23:17:30 +00:00
# Security Overview
2021-12-04 20:11:45 +00:00
2021-12-05 00:50:14 +00:00
< link href = "https://truecharts.org/_static/trivy.css" type = "text/css" rel = "stylesheet" / >
2021-12-04 20:11:45 +00:00
## Helm-Chart
##### Scan Results
2021-12-05 00:50:14 +00:00
#### Chart Object: davos/templates/common.yaml
2021-12-04 20:11:45 +00:00
2021-12-04 20:34:35 +00:00
2021-12-05 00:50:14 +00:00
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | < details > < summary > Expand...< / summary > A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.allowPrivilegeEscalation' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv001" > https://avd.aquasec.com/appshield/ksv001< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' RELEASE-NAME-davos' of Deployment ' RELEASE-NAME-davos' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | < details > < summary > Expand...< / summary > The container should drop all default capabilities and add only those that are needed for its execution. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should add ' ALL' to ' securityContext.capabilities.drop' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/" > https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv003" > https://avd.aquasec.com/appshield/ksv003< / a > < br > < / details > |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | < details > < summary > Expand...< / summary > Enforcing CPU limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' resources.limits.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv011" > https://avd.aquasec.com/appshield/ksv011< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' RELEASE-NAME-davos' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | < details > < summary > Expand...< / summary > ' runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsNonRoot' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv012" > https://avd.aquasec.com/appshield/ksv012< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' RELEASE-NAME-davos' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | < details > < summary > Expand...< / summary > An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.readOnlyRootFilesystem' to true < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/" > https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv014" > https://avd.aquasec.com/appshield/ksv014< / a > < br > < / details > |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' resources.requests.cpu' < / details > | < details > < summary > Expand...< / summary > < a href = "https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits" > https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv015" > https://avd.aquasec.com/appshield/ksv015< / a > < br > < / details > |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | < details > < summary > Expand...< / summary > When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' resources.requests.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv016" > https://avd.aquasec.com/appshield/ksv016< / a > < br > < / details > |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | < details > < summary > Expand...< / summary > Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.privileged' to false < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv017" > https://avd.aquasec.com/appshield/ksv017< / a > < br > < / details > |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | < details > < summary > Expand...< / summary > Enforcing memory limits prevents DoS via resource exhaustion. < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' resources.limits.memory' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-resources-limits-memory/" > https://kubesec.io/basics/containers-resources-limits-memory/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv018" > https://avd.aquasec.com/appshield/ksv018< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' RELEASE-NAME-davos' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with user ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsUser' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv020" > https://avd.aquasec.com/appshield/ksv020< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' RELEASE-NAME-davos' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' autopermissions' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
2022-03-02 12:51:49 +00:00
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | < details > < summary > Expand...< / summary > Force the container to run with group ID > 10000 to avoid conflicts with the host’ < br > < hr > < br > Container ' hostpatch' of Deployment ' RELEASE-NAME-davos' should set ' securityContext.runAsGroup' > 10000 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubesec.io/basics/containers-securitycontext-runasuser/" > https://kubesec.io/basics/containers-securitycontext-runasuser/< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv021" > https://avd.aquasec.com/appshield/ksv021< / a > < br > < / details > |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | < details > < summary > Expand...< / summary > HostPath volumes must be forbidden. < br > < hr > < br > Deployment ' RELEASE-NAME-davos' should not set ' spec.template.volumes.hostPath' < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv023" > https://avd.aquasec.com/appshield/ksv023< / a > < br > < / details > |
2021-12-05 00:50:14 +00:00
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | < details > < summary > Expand...< / summary > Containers should be forbidden from running with a root primary or supplementary GID. < br > < hr > < br > Deployment ' RELEASE-NAME-davos' should set ' spec.securityContext.runAsGroup' , ' spec.securityContext.supplementalGroups[*]' and ' spec.securityContext.fsGroup' to integer greater than 0 < / details > | < details > < summary > Expand...< / summary > < a href = "https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted" > https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted< / a > < br > < a href = "https://avd.aquasec.com/appshield/ksv029" > https://avd.aquasec.com/appshield/ksv029< / a > < br > < / details > |
2021-12-04 20:11:45 +00:00
## Containers
##### Detected Containers
2022-03-26 15:30:42 +00:00
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
2021-12-04 20:11:45 +00:00
tccr.io/truecharts/davos:v2.2.1-ls76@sha256:f9359583fb20278b436e7b018ee244f2cce1480d6834775f19e9da3503dd0e9b
##### Scan Results
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2021-12-05 00:50:14 +00:00
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**alpine**
2021-12-04 20:34:35 +00:00
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-12 17:24:36 +00:00
| busybox | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2022-03-26 15:30:42 +00:00
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
2022-02-06 17:25:51 +00:00
**alpine**
2022-03-30 20:23:21 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-04-12 17:24:36 +00:00
| busybox | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < / details > |
| ssl_client | CVE-2022-28391 | UNKNOWN | 1.34.1-r4 | 1.34.1-r5 | < details > < summary > Expand...< / summary > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch< / a > < br > < a href = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch" > https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch< / a > < br > < a href = "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661" > https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661< / a > < br > < / details > |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2022/03/25/2" > http://www.openwall.com/lists/oss-security/2022/03/25/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2022/03/26/1" > http://www.openwall.com/lists/oss-security/2022/03/26/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-25032" > https://access.redhat.com/security/cve/CVE-2018-25032< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032< / a > < br > < a href = "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" > https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531< / a > < br > < a href = "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" > https://github.com/madler/zlib/compare/v1.2.11...v1.2.12< / a > < br > < a href = "https://github.com/madler/zlib/issues/605" > https://github.com/madler/zlib/issues/605< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4" > https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4< / a > < br > < a href = "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5" > https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5< / a > < br > < a href = "https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ" > https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" > https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-25032" > https://nvd.nist.gov/vuln/detail/CVE-2018-25032< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-1" > https://ubuntu.com/security/notices/USN-5355-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5355-2" > https://ubuntu.com/security/notices/USN-5355-2< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5359-1" > https://ubuntu.com/security/notices/USN-5359-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5111" > https://www.debian.org/security/2022/dsa-5111< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/24/1" > https://www.openwall.com/lists/oss-security/2022/03/24/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/1" > https://www.openwall.com/lists/oss-security/2022/03/28/1< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2022/03/28/3" > https://www.openwall.com/lists/oss-security/2022/03/28/3< / a > < br > < / details > |
2022-02-06 17:25:51 +00:00
2021-12-05 00:50:14 +00:00
#### Container: Java
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
**jar**
2021-12-04 20:34:35 +00:00
2021-12-04 20:11:45 +00:00
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
2022-03-30 20:23:21 +00:00
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-15095 | CRITICAL | 2.8.4 | 2.7.9.2, 2.8.10, 2.9.1 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103880" > http://www.securityfocus.com/bid/103880< / a > < br > < a href = "http://www.securitytracker.com/id/1039769" > http://www.securitytracker.com/id/1039769< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3189" > https://access.redhat.com/errata/RHSA-2017:3189< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3190" > https://access.redhat.com/errata/RHSA-2017:3190< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0342" > https://access.redhat.com/errata/RHSA-2018:0342< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0478" > https://access.redhat.com/errata/RHSA-2018:0478< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0479" > https://access.redhat.com/errata/RHSA-2018:0479< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0480" > https://access.redhat.com/errata/RHSA-2018:0480< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0481" > https://access.redhat.com/errata/RHSA-2018:0481< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0576" > https://access.redhat.com/errata/RHSA-2018:0576< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0577" > https://access.redhat.com/errata/RHSA-2018:0577< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1447" > https://access.redhat.com/errata/RHSA-2018:1447< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1448" > https://access.redhat.com/errata/RHSA-2018:1448< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1449" > https://access.redhat.com/errata/RHSA-2018:1449< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1450" > https://access.redhat.com/errata/RHSA-2018:1450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1451" > https://access.redhat.com/errata/RHSA-2018:1451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2927" > https://access.redhat.com/errata/RHSA-2018:2927< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-15095" > https://access.redhat.com/security/cve/CVE-2017-15095< / a > < br > < a href = "https://access.redhat.com/solutions/3442891" > https://access.redhat.com/solutions/3442891< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43" > https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/3bfbb835" > https://github.com/FasterXML/jackson-databind/commit/3bfbb835< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/ddfddfba" > https://github.com/FasterXML/jackson-databind/commit/ddfddfba< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/e8f043d1" > https://github.com/FasterXML/jackson-databind/commit/e8f043d1< / a > < br > < a href = "https://github.com/Fa
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-17485 | CRITICAL | 2.8.4 | 2.8.11, 2.9.4 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/archive/1/541652/100/0/threaded" > http://www.securityfocus.com/archive/1/541652/100/0/threaded< / a > < br > < a href = "http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded" > http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0116" > https://access.redhat.com/errata/RHSA-2018:0116< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0342" > https://access.redhat.com/errata/RHSA-2018:0342< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0478" > https://access.redhat.com/errata/RHSA-2018:0478< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0479" > https://access.redhat.com/errata/RHSA-2018:0479< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0480" > https://access.redhat.com/errata/RHSA-2018:0480< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0481" > https://access.redhat.com/errata/RHSA-2018:0481< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1447" > https://access.redhat.com/errata/RHSA-2018:1447< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1448" > https://access.redhat.com/errata/RHSA-2018:1448< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1449" > https://access.redhat.com/errata/RHSA-2018:1449< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1450" > https://access.redhat.com/errata/RHSA-2018:1450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1451" > https://access.redhat.com/errata/RHSA-2018:1451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2930" > https://access.redhat.com/errata/RHSA-2018:2930< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-17485" > https://access.redhat.com/security/cve/CVE-2017-17485< / a > < br > < a href = "https://access.redhat.com/solutions/3442891" > https://access.redhat.com/solutions/3442891< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/1855" > https://github.com/FasterXML/jackson-databind/issues/1855< / a > < br > < a href = "https://github.com/advisories/GHSA-rfx6-vp9g-rh7v" > https://github.com/advisories/GHSA-rfx6-vp9g-rh7v< / a > < br > < a href = "https://github.com/irsl/jackson-rce-via-spel/" > https://github.com/irsl/jackson-rce-via-spel/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" > https://nvd.nist.gov/vuln/detail/CVE-2017-17485< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180201-0003/" > https://security.netapp.com/advisory/ntap-20180201-0003/< / a > < br > < a href = "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us" > https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US& docId=emr_na-hpesbhf03902en_us< / a > < br > < a href = "https://www.debian.org/security/2018/dsa-4114" > https://www.debian.org/security/2018/dsa-4114< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-7525 | CRITICAL | 2.8.4 | 2.6.7.1, 2.7.9.1, 2.8.9 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/99623" > http://www.securityfocus.com/bid/99623< / a > < br > < a href = "http://www.securitytracker.com/id/1039744" > http://www.securitytracker.com/id/1039744< / a > < br > < a href = "http://www.securitytracker.com/id/1039947" > http://www.securitytracker.com/id/1039947< / a > < br > < a href = "http://www.securitytracker.com/id/1040360" > http://www.securitytracker.com/id/1040360< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1834" > https://access.redhat.com/errata/RHSA-2017:1834< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1835" > https://access.redhat.com/errata/RHSA-2017:1835< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1836" > https://access.redhat.com/errata/RHSA-2017:1836< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1837" > https://access.redhat.com/errata/RHSA-2017:1837< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1839" > https://access.redhat.com/errata/RHSA-2017:1839< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1840" > https://access.redhat.com/errata/RHSA-2017:1840< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2477" > https://access.redhat.com/errata/RHSA-2017:2477< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2546" > https://access.redhat.com/errata/RHSA-2017:2546< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2547" > https://access.redhat.com/errata/RHSA-2017:2547< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2633" > https://access.redhat.com/errata/RHSA-2017:2633< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2635" > https://access.redhat.com/errata/RHSA-2017:2635< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2636" > https://access.redhat.com/errata/RHSA-2017:2636< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2637" > https://access.redhat.com/errata/RHSA-2017:2637< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2638" > https://access.redhat.com/errata/RHSA-2017:2638< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3141" > https://access.redhat.com/errata/RHSA-2017:3141< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3454" > https://access.redhat.com/errata/RHSA-2017:3454< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3455" > https://access.redhat.com/errata/RHSA-2017:3455< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3456" > https://access.redhat.com/errata/RHSA-2017:3456< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3458" > https://access.redhat.com/errata/RHSA-2017:3458< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0294" > https://access.redhat.com/errata/RHSA-2018:0294< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0342" > https://access.redhat.com/errata/RHSA-2018:0342< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1449" > https://access.redhat.com/errata/RHSA-2018:1449< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1450" > https://access.redhat.com/errata/RHSA-2018:1450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0910" > https://access.redhat.com/errata/RHSA-2019:0910< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-7525" > https://access.redhat.com/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-11307 | CRITICAL | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-11307" > https://access.redhat.com/security/cve/CVE-2018-11307< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2032" > https://github.com/FasterXML/jackson-databind/issues/2032< / a > < br > < a href = "https://github.com/advisories/GHSA-qr7j-h6gg-jmgc" > https://github.com/advisories/GHSA-qr7j-h6gg-jmgc< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" > https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-7525" > https://nvd.nist.gov/vuln/detail/CVE-2017-7525< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-11307" > https://nvd.nist.gov/vuln/detail/CVE-2018-11307< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2020.html" > https://www.oracle.com/security-alerts/cpuapr2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14718 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/106601" > http://www.securityfocus.com/bid/106601< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-14718" > https://access.redhat.com/security/cve/CVE-2018-14718< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44" > https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2097" > https://github.com/FasterXML/jackson-databind/issues/2097< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7< / a > < br > < a href = "https://github.com/advisories/GHSA-645p-88qh-w398" > https://github.com/advisories/GHSA-645p-88qh-w398< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissu
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14719 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-14719" > https://access.redhat.com/security/cve/CVE-2018-14719< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44" > https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2097" > https://github.com/FasterXML/jackson-databind/issues/2097< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7< / a > < br > < a href = "https://github.com/advisories/GHSA-4gq5-ch57-c2mg" > https://github.com/advisories/GHSA-4gq5-ch57-c2mg< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html" > https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-14719" > https://nvd.nist.gov/vuln/detail/CVE-2018-14719< / a > < br > < a href = "https://seclists.org/bugtraq/2019/May/68"
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14720 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1106" > https://access.redhat.com/errata/RHSA-2019:1106< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1107" > https://access.redhat.com/errata/RHSA-2019:1107< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1108" > https://access.redhat.com/errata/RHSA-2019:1108< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1140" > https://access.redhat.com/errata/RHSA-2019:1140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-14720" > https://access.redhat.com/security/cve/CVE-2018-14720< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44" > https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2097" > https://github.com/FasterXML/jackson-databind/issues/2097< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7< / a > < br > < a href = "https://github.com/advisories/GHSA-x2w5-5m2g-7h5m" > https://github.com/advisories/GHSA-x2w5-5m2g-7h5m< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E" > https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.a
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14721 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1106" > https://access.redhat.com/errata/RHSA-2019:1106< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1107" > https://access.redhat.com/errata/RHSA-2019:1107< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1108" > https://access.redhat.com/errata/RHSA-2019:1108< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1140" > https://access.redhat.com/errata/RHSA-2019:1140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-14721" > https://access.redhat.com/security/cve/CVE-2018-14721< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44" > https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2097" > https://github.com/FasterXML/jackson-databind/issues/2097< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7< / a > < br > < a href = "https://github.com/advisories/GHSA-9mxf-g3x6-wv74" > https://github.com/advisories/GHSA-9mxf-g3x6-wv74< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html" > https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-14721" > https://nvd.nist.gov/vuln/detail/CVE-2018-14721< / a > < br > < a href = "https://seclists.org/bugtraq/2019/May/68" > https://seclists.org/bugtraq/2019/May/68< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20190530-0003/" > https://security.netapp.com/advisory/ntap-20190530-0003/< / a > < br > < a href = "https://www.debian.org/security/2019/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19360 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/107985" > http://www.securityfocus.com/bid/107985< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-19360" > https://access.redhat.com/security/cve/CVE-2018-19360< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b" > https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2186" > https://github.com/FasterXML/jackson-databind/issues/2186< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8< / a > < br > < a href = "https://github.com/advisories/GHSA-f9hv-mg5h-xcw9" > https://github.com/advisories/GHSA-f9hv-mg5h-xcw9< / a > < br > < a href = "https://issues.apache.org/jira/browse/TINKERPOP-2121" > https://issues.apache.org/jira/browse/TINKERPOP-2121< / a > < br > < a href = "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E" > https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19361 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/107985" > http://www.securityfocus.com/bid/107985< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-19361" > https://access.redhat.com/security/cve/CVE-2018-19361< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b" > https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2186" > https://github.com/FasterXML/jackson-databind/issues/2186< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8< / a > < br > < a href = "https://github.com/advisories/GHSA-mx9v-gmh4-mgqw" > https://github.com/advisories/GHSA-mx9v-gmh4-mgqw< / a > < br > < a href = "https://issues.apache.org/jira/browse/TINKERPOP-2121" > https://issues.apache.org/jira/browse/TINKERPOP-2121< / a > < br > < a href = "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E" > https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19362 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/107985" > http://www.securityfocus.com/bid/107985< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-19362" > https://access.redhat.com/security/cve/CVE-2018-19362< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b" > https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2186" > https://github.com/FasterXML/jackson-databind/issues/2186< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8< / a > < br > < a href = "https://github.com/advisories/GHSA-c8hm-7hpq-7jhg" > https://github.com/advisories/GHSA-c8hm-7hpq-7jhg< / a > < br > < a href = "https://issues.apache.org/jira/browse/TINKERPOP-2121" > https://issues.apache.org/jira/browse/TINKERPOP-2121< / a > < br > < a href = "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E" > https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-7489 | CRITICAL | 2.8.4 | 2.7.9.3, 2.8.11.1, 2.9.5 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103203" > http://www.securityfocus.com/bid/103203< / a > < br > < a href = "http://www.securitytracker.com/id/1040693" > http://www.securitytracker.com/id/1040693< / a > < br > < a href = "http://www.securitytracker.com/id/1041890" > http://www.securitytracker.com/id/1041890< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1447" > https://access.redhat.com/errata/RHSA-2018:1447< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1448" > https://access.redhat.com/errata/RHSA-2018:1448< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1449" > https://access.redhat.com/errata/RHSA-2018:1449< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1450" > https://access.redhat.com/errata/RHSA-2018:1450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1451" > https://access.redhat.com/errata/RHSA-2018:1451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1786" > https://access.redhat.com/errata/RHSA-2018:1786< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2088" > https://access.redhat.com/errata/RHSA-2018:2088< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2089" > https://access.redhat.com/errata/RHSA-2018:2089< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2090" > https://access.redhat.com/errata/RHSA-2018:2090< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2938" > https://access.redhat.com/errata/RHSA-2018:2938< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-7489" > https://access.redhat.com/security/cve/CVE-2018-7489< / a > < br > < a href = "https://access.redhat.com/solutions/3442891" > https://access.redhat.com/solutions/3442891< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2" > https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/1931" > https://github.com/FasterXML/jackson-databind/issues/1931< / a > < br > < a href = "https://github.com/advisories/GHSA-cggj-fvv3-cqwv" > https://github.com/advisories/GHSA-cggj-fvv3-cqwv< / a > < br > < a href = "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" > https://nvd.nist.gov/vuln/detail/CVE-2018-7489< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180328-0001/" > https://security.netapp.com/advisory/ntap-20180328-0001/< / a > < br > < a href = "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us" > https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US& docId=emr_na-hpesbhf03902en_us< / a > < br > < a href = "https://www.debian.org/security/2018/dsa-4190" > https://www.debian.org/security/2018/dsa-4190< / a > < br
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14379 | CRITICAL | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | < details > < summary > Expand...< / summary > < a href = "http://seclists.org/fulldisclosure/2022/Mar/23" > http://seclists.org/fulldisclosure/2022/Mar/23< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:2824" > https://access.redhat.com/errata/RHBA-2019:2824< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2743" > https://access.redhat.com/errata/RHSA-2019:2743< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2935" > https://access.redhat.com/errata/RHSA-2019:2935< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2936" > https://access.redhat.com/errata/RHSA-2019:2936< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2937" > https://access.redhat.com/errata/RHSA-2019:2937< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2938" > https://access.redhat.com/errata/RHSA-2019:2938< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2998" > https://access.redhat.com/errata/RHSA-2019:2998< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3044" > https://access.redhat.com/errata/RHSA-2019:3044< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3045" > https://access.redhat.com/errata/RHSA-2019:3045< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3046" > https://access.redhat.com/errata/RHSA-2019:3046< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3050" > https://access.redhat.com/errata/RHSA-2019:3050< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3292" > https://access.redhat.com/errata/RHSA-2019:3292< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3297" > https://access.redhat.com/errata/RHSA-2019:3297< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3901" > https://access.redhat.com/errata/RHSA-2019:3901< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0727" > https://access.redhat.com/errata/RHSA-2020:0727< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-14379" > https://access.redhat.com/security/cve/CVE-2019-14379< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b" > https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2" > https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2387" > https://github.com/FasterXML/jackson-databind/issues/2387< / a > < br > < a href = "https://github.com/advisories/GHSA-6fpp-rgj9-8rwc" > https://github.com/advisories/GHSA-6fpp-rgj9-8rwc< / a > < br > < a href = "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E" > https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E" > https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E< / a > < br > < a href = "https://lists.apache.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14540 | CRITICAL | 2.8.4 | 2.9.10 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-14540" > https://access.redhat.com/security/cve/CVE-2019-14540< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x" > https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2410" > https://github.com/FasterXML/jackson-databind/issues/2410< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2449" > https://github.com/FasterXML/jackson-databind/issues/2449< / a > < br > < a href = "https://github.com/advisories/GHSA-h822-r4r5-v8jg" > https://github.com/advisories/GHSA-h822-r4r5-v8jg< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-14540.html" > https://linux.oracle.com/cve/CVE-2019-14540.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1644.html" > https://linux.oracle.com/errata/ELSA-2020-1644.html< / a > < br > < a href = "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E" > https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed11638949
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14892 | CRITICAL | 2.8.4 | 2.6.7.3, 2.8.11.5, 2.9.10 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2020:0729" > https://access.redhat.com/errata/RHSA-2020:0729< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-14892" > https://access.redhat.com/security/cve/CVE-2019-14892< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af" > https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b" > https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2462" > https://github.com/FasterXML/jackson-databind/issues/2462< / a > < br > < a href = "https://github.com/advisories/GHSA-cf6r-3wgc-h863" > https://github.com/advisories/GHSA-cf6r-3wgc-h863< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" > https://nvd.nist.gov/vuln/detail/CVE-2019-14892< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200904-0005/" > https://security.netapp.com/advisory/ntap-20200904-0005/< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14893 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2020:0729" > https://access.redhat.com/errata/RHSA-2020:0729< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-14893" > https://access.redhat.com/security/cve/CVE-2019-14893< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317" > https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2469" > https://github.com/FasterXML/jackson-databind/issues/2469< / a > < br > < a href = "https://github.com/advisories/GHSA-qmqc-x3r4-6v39" > https://github.com/advisories/GHSA-qmqc-x3r4-6v39< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" > https://nvd.nist.gov/vuln/detail/CVE-2019-14893< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200327-0006/" > https://security.netapp.com/advisory/ntap-20200327-0006/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16335 | CRITICAL | 2.8.4 | 2.9.10 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0729" > https://access.redhat.com/errata/RHSA-2020:0729< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-16335" > https://access.redhat.com/security/cve/CVE-2019-16335< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2449" > https://github.com/FasterXML/jackson-databind/issues/2449< / a > < br > < a href = "https://github.com/advisories/GHSA-85cw-hj65-qqv9" > https://github.com/advisories/GHSA-85cw-hj65-qqv9< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-16335.html" > https://linux.oracle.com/cve/CVE-2019-16335.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1644.html" > https://linux.oracle.com/errata/ELSA-2020-1644.html< / a > < br > < a href = "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E" > https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E" > https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E" > https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/th
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16942 | CRITICAL | 2.8.4 | 2.9.10.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3901" > https://access.redhat.com/errata/RHSA-2019:3901< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-16942" > https://access.redhat.com/security/cve/CVE-2019-16942< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2478" > https://github.com/FasterXML/jackson-databind/issues/2478< / a > < br > < a href = "https://github.com/advisories/GHSA-mx7p-6679-8g3q" > https://github.com/advisories/GHSA-mx7p-6679-8g3q< / a > < br > < a href = "https://issues.apache.org/jira/browse/GEODE-7255" > https://issues.apache.org/jira/browse/GEODE-7255< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-16942.html" > https://linux.oracle.com/cve/CVE-2019-16942.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1644.html" > https://linux.oracle.com/errata/ELSA-2020-1644.html< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html" > https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/< /
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16943 | CRITICAL | 2.8.4 | 2.9.10.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-16943" > https://access.redhat.com/security/cve/CVE-2019-16943< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2478" > https://github.com/FasterXML/jackson-databind/issues/2478< / a > < br > < a href = "https://github.com/advisories/GHSA-fmmc-742q-jg75" > https://github.com/advisories/GHSA-fmmc-742q-jg75< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-16943.html" > https://linux.oracle.com/cve/CVE-2019-16943.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1644.html" > https://linux.oracle.com/errata/ELSA-2020-1644.html< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E" > https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E" > https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html" > https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17267 | CRITICAL | 2.8.4 | 2.9.10 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17267" > https://access.redhat.com/security/cve/CVE-2019-17267< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10" > https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2460" > https://github.com/FasterXML/jackson-databind/issues/2460< / a > < br > < a href = "https://github.com/advisories/GHSA-f3j5-rmmp-3fc5" > https://github.com/advisories/GHSA-f3j5-rmmp-3fc5< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E" > https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html" > https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" > https://nvd.nist.gov/vuln/detail/CVE-2019-17267< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20191017-0006/" > https://security.netapp.com/advisory/ntap-20191017-0006/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17531 | CRITICAL | 2.8.4 | 2.9.10.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:4192" > https://access.redhat.com/errata/RHSA-2019:4192< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0159" > https://access.redhat.com/errata/RHSA-2020:0159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0160" > https://access.redhat.com/errata/RHSA-2020:0160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0161" > https://access.redhat.com/errata/RHSA-2020:0161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0164" > https://access.redhat.com/errata/RHSA-2020:0164< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2020:0445" > https://access.redhat.com/errata/RHSA-2020:0445< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17531" > https://access.redhat.com/security/cve/CVE-2019-17531< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2498" > https://github.com/FasterXML/jackson-databind/issues/2498< / a > < br > < a href = "https://github.com/advisories/GHSA-gjmw-vf9h-g25v" > https://github.com/advisories/GHSA-gjmw-vf9h-g25v< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-17531.html" > https://linux.oracle.com/cve/CVE-2019-17531.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-1644.html" > https://linux.oracle.com/errata/ELSA-2020-1644.html< / a > < br > < a href = "https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html" > https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html< / a > < br > < a href = "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-17531" > https://nvd.nist.gov/vuln/detail/CVE-2019-17531< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20191024-0005/" > https://security.netapp.com/advisory/ntap-20191024-0005/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2020.html" > https://www.oracle.com/security-alerts/cpuapr2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-20330 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2019-20330" > https://access.redhat.com/security/cve/CVE-2019-20330< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2" > https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2526" > https://github.com/FasterXML/jackson-databind/issues/2526< / a > < br > < a href = "https://github.com/advisories/GHSA-gww7-p5w4-wrfv" > https://github.com/advisories/GHSA-gww7-p5w4-wrfv< / a > < br > < a href = "https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/
2022-04-12 17:24:36 +00:00
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-8840 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.5, 2.9.10.3 | < details > < summary > Expand...< / summary > < a href = "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en" > http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-8840" > https://access.redhat.com/security/cve/CVE-2020-8840< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b" > https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497" > https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f" > https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2620" > https://github.com/FasterXML/jackson-databind/issues/2620< / a > < br > < a href = "https://github.com/advisories/GHSA-4w82-r329-3q67" > https://github.com/advisories/GHSA-4w82-r329-3q67< / a > < br > < a href = "https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" > https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E" > https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E" > https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E" > https://lists.apache.org/threa
2022-03-30 20:23:21 +00:00
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9546 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-9546" > https://access.redhat.com/security/cve/CVE-2020-9546< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2631" > https://github.com/FasterXML/jackson-databind/issues/2631< / a > < br > < a href = "https://github.com/advisories/GHSA-5p34-5m6p-p58g" > https://github.com/advisories/GHSA-5p34-5m6p-p58g< / a > < br > < a href = "https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html" > https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html< / a > < br > < a href = "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-9546" > https://nvd.nist.gov/vuln/detail/CVE-2020-9546< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200904-0006/" > https://security.netapp.com/advisory/ntap-20200904-0006/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9547 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-9547" > https://access.redhat.com/security/cve/CVE-2020-9547< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2634" > https://github.com/FasterXML/jackson-databind/issues/2634< / a > < br > < a href = "https://github.com/advisories/GHSA-q93h-jc49-78gg" > https://github.com/advisories/GHSA-q93h-jc49-78gg< / a > < br > < a href = "https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd4df698d5d8e635144d
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9548 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-9548" > https://access.redhat.com/security/cve/CVE-2020-9548< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2634" > https://github.com/FasterXML/jackson-databind/issues/2634< / a > < br > < a href = "https://github.com/advisories/GHSA-p43x-xfjf-5jhr" > https://github.com/advisories/GHSA-p43x-xfjf-5jhr< / a > < br > < a href = "https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html" > https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html< / a > < br > < a href = "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-9548" > https://nvd.nist.gov/vuln/detail/CVE-2020-9548< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200904-0006/" > https://security.netapp.com/advisory/ntap-20200904-0006/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12022 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/107585" > http://www.securityfocus.com/bid/107585< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1106" > https://access.redhat.com/errata/RHSA-2019:1106< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1107" > https://access.redhat.com/errata/RHSA-2019:1107< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1108" > https://access.redhat.com/errata/RHSA-2019:1108< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1140" > https://access.redhat.com/errata/RHSA-2019:1140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-12022" > https://access.redhat.com/security/cve/CVE-2018-12022< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1671098" > https://bugzilla.redhat.com/show_bug.cgi?id=1671098< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a" > https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2052" > https://github.com/FasterXML/jackson-databind/issues/2052< / a > < br > < a href = "https://github.com/advisories/GHSA-cjjf-94ff-43w7" > https://github.com/advisories/GHSA-cjjf-94ff-43w7< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" > https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.fedoraproject.org/archives/li
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12023 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/105659" > http://www.securityfocus.com/bid/105659< / a > < br > < a href = "https://access.redhat.com/errata/RHBA-2019:0959" > https://access.redhat.com/errata/RHBA-2019:0959< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0782" > https://access.redhat.com/errata/RHSA-2019:0782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0877" > https://access.redhat.com/errata/RHSA-2019:0877< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1106" > https://access.redhat.com/errata/RHSA-2019:1106< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1107" > https://access.redhat.com/errata/RHSA-2019:1107< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1108" > https://access.redhat.com/errata/RHSA-2019:1108< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1140" > https://access.redhat.com/errata/RHSA-2019:1140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1782" > https://access.redhat.com/errata/RHSA-2019:1782< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1797" > https://access.redhat.com/errata/RHSA-2019:1797< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1822" > https://access.redhat.com/errata/RHSA-2019:1822< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1823" > https://access.redhat.com/errata/RHSA-2019:1823< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2804" > https://access.redhat.com/errata/RHSA-2019:2804< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3002" > https://access.redhat.com/errata/RHSA-2019:3002< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3140" > https://access.redhat.com/errata/RHSA-2019:3140< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4037" > https://access.redhat.com/errata/RHSA-2019:4037< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-12023" > https://access.redhat.com/security/cve/CVE-2018-12023< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a" > https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2058" > https://github.com/FasterXML/jackson-databind/issues/2058< / a > < br > < a href = "https://github.com/advisories/GHSA-6wqp-v4v6-c87c" > https://github.com/advisories/GHSA-6wqp-v4v6-c87c< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" > https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/" > https://lists.fedoraproject.org/ar
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-5968 | HIGH | 2.8.4 | 2.7.9.5, 2.8.11.1, 2.9.4 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2018:0478" > https://access.redhat.com/errata/RHSA-2018:0478< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0479" > https://access.redhat.com/errata/RHSA-2018:0479< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0480" > https://access.redhat.com/errata/RHSA-2018:0480< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0481" > https://access.redhat.com/errata/RHSA-2018:0481< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1525" > https://access.redhat.com/errata/RHSA-2018:1525< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-5968" > https://access.redhat.com/security/cve/CVE-2018-5968< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/1899" > https://github.com/FasterXML/jackson-databind/issues/1899< / a > < br > < a href = "https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05" > https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05< / a > < br > < a href = "https://github.com/advisories/GHSA-w3f4-3q6j-rh82" > https://github.com/advisories/GHSA-w3f4-3q6j-rh82< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" > https://nvd.nist.gov/vuln/detail/CVE-2018-5968< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180423-0002/" > https://security.netapp.com/advisory/ntap-20180423-0002/< / a > < br > < a href = "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us" > https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US& docId=emr_na-hpesbhf03902en_us< / a > < br > < a href = "https://www.debian.org/security/2018/dsa-4114" > https://www.debian.org/security/2018/dsa-4114< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12086 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9 | < details > < summary > Expand...< / summary > < a href = "http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/" > http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/< / a > < br > < a href = "http://www.securityfocus.com/bid/109227" > http://www.securityfocus.com/bid/109227< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2935" > https://access.redhat.com/errata/RHSA-2019:2935< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2936" > https://access.redhat.com/errata/RHSA-2019:2936< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2937" > https://access.redhat.com/errata/RHSA-2019:2937< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2938" > https://access.redhat.com/errata/RHSA-2019:2938< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2998" > https://access.redhat.com/errata/RHSA-2019:2998< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3044" > https://access.redhat.com/errata/RHSA-2019:3044< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3045" > https://access.redhat.com/errata/RHSA-2019:3045< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3046" > https://access.redhat.com/errata/RHSA-2019:3046< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3050" > https://access.redhat.com/errata/RHSA-2019:3050< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-12086" > https://access.redhat.com/security/cve/CVE-2019-12086< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2326" > https://github.com/FasterXML/jackson-databind/issues/2326< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9< / a > < br > < a href = "https://github.com/advisories/GHSA-5ww9-j83m-q7qx" > https://github.com/advisories/GHSA-5ww9-j83m-q7qx< / a > < br > < a href = "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E" > https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925a
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14439 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-14439" > https://access.redhat.com/security/cve/CVE-2019-14439< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b" > https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2" > https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2389" > https://github.com/FasterXML/jackson-databind/issues/2389< / a > < br > < a href = "https://github.com/advisories/GHSA-gwp4-hfv6-p7hw" > https://github.com/advisories/GHSA-gwp4-hfv6-p7hw< / a > < br > < a href = "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E" > https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-10969 | HIGH | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-10969" > https://access.redhat.com/security/cve/CVE-2020-10969< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2642" > https://github.com/FasterXML/jackson-databind/issues/2642< / a > < br > < a href = "https://github.com/advisories/GHSA-758m-v56v-grj4" > https://github.com/advisories/GHSA-758m-v56v-grj4< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html" > https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html< / a > < br > < a href = "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-10969" > https://nvd.nist.gov/vuln/detail/CVE-2020-10969< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200403-0002/" > https://security.netapp.com/advisory/ntap-20200403-0002/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35490 | HIGH | 2.8.4 | 2.9.10.8 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-35490" > https://access.redhat.com/security/cve/CVE-2020-35490< / a > < br > < a href = "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d" > https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2986" > https://github.com/FasterXML/jackson-databind/issues/2986< / a > < br > < a href = "https://github.com/advisories/GHSA-wh8g-3j2c-rqj5" > https://github.com/advisories/GHSA-wh8g-3j2c-rqj5< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-35490" > https://nvd.nist.gov/vuln/detail/CVE-2020-35490< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210122-0005/" > https://security.netapp.com/advisory/ntap-20210122-0005/< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35491 | HIGH | 2.8.4 | 2.9.10.8 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-35491" > https://access.redhat.com/security/cve/CVE-2020-35491< / a > < br > < a href = "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" > https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d" > https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2986" > https://github.com/FasterXML/jackson-databind/issues/2986< / a > < br > < a href = "https://github.com/advisories/GHSA-r3gr-cxrf-hg25" > https://github.com/advisories/GHSA-r3gr-cxrf-hg25< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-35491" > https://nvd.nist.gov/vuln/detail/CVE-2020-35491< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210122-0005/" > https://security.netapp.com/advisory/ntap-20210122-0005/< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.8.4 | 2.12.6.1, 2.13.2.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-36518" > https://access.redhat.com/security/cve/CVE-2020-36518< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b" > https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2816" > https://github.com/FasterXML/jackson-databind/issues/2816< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12< / a > < br > < a href = "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13" > https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13< / a > < br > < a href = "https://github.com/advisories/GHSA-57j2-w4cx-62h2" > https://github.com/advisories/GHSA-57j2-w4cx-62h2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-36518" > https://nvd.nist.gov/vuln/detail/CVE-2020-36518< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-1000873 | MEDIUM | 2.8.4 | 2.9.8 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2018-1000873" > https://access.redhat.com/security/cve/CVE-2018-1000873< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1665601" > https://bugzilla.redhat.com/show_bug.cgi?id=1665601< / a > < br > < a href = "https://github.com/FasterXML/jackson-modules-java8/issues/90" > https://github.com/FasterXML/jackson-modules-java8/issues/90< / a > < br > < a href = "https://github.com/FasterXML/jackson-modules-java8/pull/87" > https://github.com/FasterXML/jackson-modules-java8/pull/87< / a > < br > < a href = "https://github.com/advisories/GHSA-h4x4-5qp2-wp46" > https://github.com/advisories/GHSA-h4x4-5qp2-wp46< / a > < br > < a href = "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" > https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" > https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1000873" > https://nvd.nist.gov/vuln/detail/CVE-2018-1000873< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200904-0004/" > https://security.netapp.com/advisory/ntap-20200904-0004/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2020.html" > https://www.oracle.com/security-alerts/cpuapr2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" > https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html< / a > < br > < / details > |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12384 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:1820" > https://access.redhat.com/errata/RHSA-2019:1820< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2720" > https://access.redhat.com/errata/RHSA-2019:2720< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2935" > https://access.redhat.com/errata/RHSA-2019:2935< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2936" > https://access.redhat.com/errata/RHSA-2019:2936< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2937" > https://access.redhat.com/errata/RHSA-2019:2937< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2938" > https://access.redhat.com/errata/RHSA-2019:2938< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2998" > https://access.redhat.com/errata/RHSA-2019:2998< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3292" > https://access.redhat.com/errata/RHSA-2019:3292< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3297" > https://access.redhat.com/errata/RHSA-2019:3297< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3901" > https://access.redhat.com/errata/RHSA-2019:3901< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:4352" > https://access.redhat.com/errata/RHSA-2019:4352< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-12384" > https://access.redhat.com/security/cve/CVE-2019-12384< / a > < br > < a href = "https://blog.doyensec.com/2019/07/22/jackson-gadgets.html" > https://blog.doyensec.com/2019/07/22/jackson-gadgets.html< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384< / a > < br > < a href = "https://doyensec.com/research.html" > https://doyensec.com/research.html< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234" > https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad" > https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2334" > https://github.com/FasterXML/jackson-databind/issues/2334< / a > < br > < a href = "https://github.com/advisories/GHSA-mph4-vhrx-mv67" > https://github.com/advisories/GHSA-mph4-vhrx-mv67< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-12384.html" > https://linux.oracle.com/cve/CVE-2019-12384.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-2720.html" > https://linux.oracle.com/errata/ELSA-2019-2720.html< / a > < br > < a href = "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12814 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2019:2858" > https://access.redhat.com/errata/RHSA-2019:2858< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2935" > https://access.redhat.com/errata/RHSA-2019:2935< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2936" > https://access.redhat.com/errata/RHSA-2019:2936< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2937" > https://access.redhat.com/errata/RHSA-2019:2937< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2938" > https://access.redhat.com/errata/RHSA-2019:2938< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3044" > https://access.redhat.com/errata/RHSA-2019:3044< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3045" > https://access.redhat.com/errata/RHSA-2019:3045< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3046" > https://access.redhat.com/errata/RHSA-2019:3046< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3050" > https://access.redhat.com/errata/RHSA-2019:3050< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3149" > https://access.redhat.com/errata/RHSA-2019:3149< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3200" > https://access.redhat.com/errata/RHSA-2019:3200< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3292" > https://access.redhat.com/errata/RHSA-2019:3292< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3297" > https://access.redhat.com/errata/RHSA-2019:3297< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-12814" > https://access.redhat.com/security/cve/CVE-2019-12814< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5" > https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5< / a > < br > < a href = "https://github.com/FasterXML/jackson-databind/issues/2341" > https://github.com/FasterXML/jackson-databind/issues/2341< / a > < br > < a href = "https://github.com/advisories/GHSA-cmfg-87vq-g5g4" > https://github.com/advisories/GHSA-cmfg-87vq-g5g4< / a > < br > < a href = "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper
| com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.193 | 2.0.202 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-23463" > https://access.redhat.com/security/cve/CVE-2021-23463< / a > < br > < a href = "https://github.com/advisories/GHSA-7rpj-hg47-cx62" > https://github.com/advisories/GHSA-7rpj-hg47-cx62< / a > < br > < a href = "https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3" > https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3< / a > < br > < a href = "https://github.com/h2database/h2database/issues/3195" > https://github.com/h2database/h2database/issues/3195< / a > < br > < a href = "https://github.com/h2database/h2database/pull/3199" > https://github.com/h2database/h2database/pull/3199< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-23463" > https://nvd.nist.gov/vuln/detail/CVE-2021-23463< / a > < br > < a href = "https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238" > https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238< / a > < br > < / details > |
2022-04-12 17:24:36 +00:00
| com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.193 | 2.0.206 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-42392" > https://access.redhat.com/security/cve/CVE-2021-42392< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392< / a > < br > < a href = "https://github.com/advisories/GHSA-h376-j262-vhq6" > https://github.com/advisories/GHSA-h376-j262-vhq6< / a > < br > < a href = "https://github.com/h2database/h2database/releases/tag/version-2.0.206" > https://github.com/h2database/h2database/releases/tag/version-2.0.206< / a > < br > < a href = "https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6" > https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6< / a > < br > < a href = "https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/" > https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html" > https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-42392" > https://nvd.nist.gov/vuln/detail/CVE-2021-42392< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220119-0001/" > https://security.netapp.com/advisory/ntap-20220119-0001/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5365-1" > https://ubuntu.com/security/notices/USN-5365-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5076" > https://www.debian.org/security/2022/dsa-5076< / a > < br > < / details > |
| com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.193 | 2.1.210 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/Jan/39" > http://seclists.org/fulldisclosure/2022/Jan/39< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2022-23221" > https://access.redhat.com/security/cve/CVE-2022-23221< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221< / a > < br > < a href = "https://github.com/advisories/GHSA-45hx-wfhj-473x" > https://github.com/advisories/GHSA-45hx-wfhj-473x< / a > < br > < a href = "https://github.com/h2database/h2database/releases/tag/version-2.1.210" > https://github.com/h2database/h2database/releases/tag/version-2.1.210< / a > < br > < a href = "https://github.com/h2database/h2database/security/advisories" > https://github.com/h2database/h2database/security/advisories< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html" > https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-23221" > https://nvd.nist.gov/vuln/detail/CVE-2022-23221< / a > < br > < a href = "https://twitter.com/d0nkey_man/status/1483824727936450564" > https://twitter.com/d0nkey_man/status/1483824727936450564< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5365-1" > https://ubuntu.com/security/notices/USN-5365-1< / a > < br > < a href = "https://www.debian.org/security/2022/dsa-5076" > https://www.debian.org/security/2022/dsa-5076< / a > < br > < / details > |
2022-02-06 17:25:51 +00:00
| com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.193 | 2.0.206 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-h376-j262-vhq6" > https://github.com/advisories/GHSA-h376-j262-vhq6< / a > < br > < a href = "https://github.com/h2database/h2database/releases/tag/version-2.0.206" > https://github.com/h2database/h2database/releases/tag/version-2.0.206< / a > < br > < a href = "https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6" > https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.4 | 2.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2021-29425" > https://access.redhat.com/security/cve/CVE-2021-29425< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425< / a > < br > < a href = "https://github.com/advisories/GHSA-gwrp-pvrq-jmwv" > https://github.com/advisories/GHSA-gwrp-pvrq-jmwv< / a > < br > < a href = "https://issues.apache.org/jira/browse/IO-556" > https://issues.apache.org/jira/browse/IO-556< / a > < br > < a href = "https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E" > https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E" > https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E" > https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E" > https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E" > https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E" > https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E" > https://lists.apache.org/thre
| org.apache.httpcomponents:httpclient | CVE-2020-13956 | MEDIUM | 4.5.2 | 4.5.13 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-13956" > https://access.redhat.com/security/cve/CVE-2020-13956< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1886587" > https://bugzilla.redhat.com/show_bug.cgi?id=1886587< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956< / a > < br > < a href = "https://github.com/advisories/GHSA-7r82-7xv7-xcpj" > https://github.com/advisories/GHSA-7r82-7xv7-xcpj< / a > < br > < a href = "https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E" > https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E" > https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E" > https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E" > https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E" > https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E" > https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E" > https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E" > https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E" > https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E" > https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E" > https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E" > https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E" > https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%
| org.apache.logging.log4j:log4j-core | CVE-2017-5645 | CRITICAL | 2.4.1 | 2.8.2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2019/12/19/2" > http://www.openwall.com/lists/oss-security/2019/12/19/2< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" > http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/97702" > http://www.securityfocus.com/bid/97702< / a > < br > < a href = "http://www.securitytracker.com/id/1040200" > http://www.securitytracker.com/id/1040200< / a > < br > < a href = "http://www.securitytracker.com/id/1041294" > http://www.securitytracker.com/id/1041294< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1417" > https://access.redhat.com/errata/RHSA-2017:1417< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1801" > https://access.redhat.com/errata/RHSA-2017:1801< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1802" > https://access.redhat.com/errata/RHSA-2017:1802< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2423" > https://access.redhat.com/errata/RHSA-2017:2423< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2633" > https://access.redhat.com/errata/RHSA-2017:2633< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2635" > https://access.redhat.com/errata/RHSA-2017:2635< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2636" > https://access.redhat.com/errata/RHSA-2017:2636< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2637" > https://access.redhat.com/errata/RHSA-2017:2637< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2638" > https://access.redhat.com/errata/RHSA-2017:2638< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2808" > https://access.redhat.com/errata/RHSA-2017:2808< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2809" > https://access.redhat.com/errata/RHSA-2017:2809< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2810" > https://access.redhat.com/errata/RHSA-2017:2810< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2811" > https://access.redhat.com/errata/RHSA-2017:2811< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2888" > https://access.redhat.com/errata/RHSA-2017:2888< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2889" > https://access.redhat.com/errata/RHSA-2017:2889< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3244" > https://access.redhat.com/errata/RHSA-2017:3244< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3399" > https://access.redhat.com/errata/RHSA-2017:3399< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3400" > https://access.redhat.com/errata/RHSA-2017:3400< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1545" > https://access.redhat.com/errata/RHSA-2019:1545< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-5645" > https://access.redhat.com/security/cve/CVE-2017-5645< / a > < br > < a href = "https://github.com/advisories/GHSA-fxph-q3j8-mv87" > https://github.com/advisories/GHSA-fxph-q3j8-mv87< / a > < br > < a href = "https://issues.apache.org/jira/browse/LOG4J2-1863" > https://issues.apache.org/jira/browse/LOG4J2-1863< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2017-5645.html" > https://linux.oracle.com/cve/CVE-2017-5645.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2017-2423.html" > https://linux.oracle.com/errata/ELSA-2017-2423.html< / a > < br > < a href = "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.
| org.apache.logging.log4j:log4j-core | CVE-2021-44228 | CRITICAL | 2.4.1 | 2.12.2, 2.3.1, 2.15.0 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html" > http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html" > http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html" > http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html" > http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html" > http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html" > http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html" > http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html" > http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html< / a > < br > < a href = "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2022/Mar/23" > http://seclists.org/fulldisclosure/2022/Mar/23< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/10/1" > http://www.openwall.com/lists/oss-security/2021/12/10/1< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/10/2" > http://www.openwall.com/lists/oss-security/2021/12/10/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/10/3" > http://www.openwall.com/lists/oss-security/2021/12/10/3< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/13/1" > http://www.openwall.com/lists/oss-security/2021/12/13/1< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/13/2" > http://www.openwall.com/lists/oss-security/2021/12/13/2< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/14/4" > http://www.openwall.com/lists/oss-security/2021/12/14/4< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/15/3" > http://www.openwall.com/lists/oss-security/2021/12/15/3< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-44228" > https://access.redhat.com/security/cve/CVE-2021-44228< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pd
| org.apache.logging.log4j:log4j-core | CVE-2021-45046 | CRITICAL | 2.4.1 | 2.12.2, 2.16.0 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2021/12/14/4" > http://www.openwall.com/lists/oss-security/2021/12/14/4< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/15/3" > http://www.openwall.com/lists/oss-security/2021/12/15/3< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/12/18/1" > http://www.openwall.com/lists/oss-security/2021/12/18/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-44228" > https://access.redhat.com/security/cve/CVE-2021-44228< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-45046" > https://access.redhat.com/security/cve/CVE-2021-45046< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046< / a > < br > < a href = "https://github.com/advisories/GHSA-7rjr-3q55-vv33" > https://github.com/advisories/GHSA-7rjr-3q55-vv33< / a > < br > < a href = "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q" > https://github.com/advisories/GHSA-jfh8-c2jp-5v3q< / a > < br > < a href = "https://issues.apache.org/jira/browse/LOG4J2-3221" > https://issues.apache.org/jira/browse/LOG4J2-3221< / a > < br > < a href = "https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tltolv88f" > https://lists.apache.org/thread/83y7dx5xvn3h5290q1twn16tltolv88f< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/< / a > < br > < a href = "https://logging.apache.org/log4j/2.x/security.html" > https://logging.apache.org/log4j/2.x/security.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-45046" > https://nvd.nist.gov/vuln/detail/CVE-2021-45046< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5197-1" > https://ubuntu.com/security/notices/USN-5197-1< / a > < br > < a href = "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell" > https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell< / a > < br > < a href = "https://www.cve.org/CVERecord?id=CVE-2021-44228" > https://www.cve.org/CVERecord?id=CVE-2021-44228< / a > < br > < a href = "https://www.cve.org/CVERecord?id=CVE-2021-45046" > https://www.cve.org/CVERecord?id=CVE-2021-45046< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5022" > https://www.debian.org/security/2021/dsa-5022< / a > < br > < a href = "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" > https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html< / a > < br > < a href = "https://www.kb.cert.org/vuls/id/930724" > https://www.kb.cert.org/vuls/id/930724< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/12/14/4" > https://www.openwall
2022-04-12 17:24:36 +00:00
| org.apache.logging.log4j:log4j-core | CVE-2021-45105 | HIGH | 2.4.1 | 2.3.1, 2.17.0, 2.12.3 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2021/12/19/1" > http://www.openwall.com/lists/oss-security/2021/12/19/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-45105" > https://access.redhat.com/security/cve/CVE-2021-45105< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105< / a > < br > < a href = "https://github.com/advisories/GHSA-p6xc-xr62-6r2g" > https://github.com/advisories/GHSA-p6xc-xr62-6r2g< / a > < br > < a href = "https://issues.apache.org/jira/browse/LOG4J2-3230" > https://issues.apache.org/jira/browse/LOG4J2-3230< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html" > https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/< / a > < br > < a href = "https://logging.apache.org/log4j/2.x/security.html" > https://logging.apache.org/log4j/2.x/security.html< / a > < br > < a href = "https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105" > https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-45105" > https://nvd.nist.gov/vuln/detail/CVE-2021-45105< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20211218-0001/" > https://security.netapp.com/advisory/ntap-20211218-0001/< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5203-1" > https://ubuntu.com/security/notices/USN-5203-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5222-1" > https://ubuntu.com/security/notices/USN-5222-1< / a > < br > < a href = "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell" > https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell< / a > < br > < a href = "https://www.cve.org/CVERecord?id=CVE-2021-45105" > https://www.cve.org/CVERecord?id=CVE-2021-45105< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-5024" > https://www.debian.org/security/2021/dsa-5024< / a > < br > < a href = "https://www.kb.cert.org/vuls/id/930724" > https://www.kb.cert.org/vuls/id/930724< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2021/12/19/1" > https://www.openwall.com/lists/oss-security/2021/12/19/1< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/" > https://www.zerodayinitiative.com/advisories/ZDI-21-1541/< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| org.apache.logging.log4j:log4j-core | CVE-2021-44832 | MEDIUM | 2.4.1 | 2.17.1, 2.12.4, 2.3.2 | < details > < summary > Expand...< / summary > < a href = "http://www.openwall.com/lists/oss-security/2021/12/28/1" > http://www.openwall.com/lists/oss-security/2021/12/28/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-44832" > https://access.redhat.com/security/cve/CVE-2021-44832< / a > < br > < a href = "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf" > https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832< / a > < br > < a href = "https://github.com/advisories/GHSA-8489-44mv-ggj8" > https://github.com/advisories/GHSA-8489-44mv-ggj8< / a > < br > < a href = "https://github.com/apache/logging-log4j2/commit/05db5f9527254632b59aed2a1d78a32c5ab74f16" > https://github.com/apache/logging-log4j2/commit/05db5f9527254632b59aed2a1d78a32c5ab74f16< / a > < br > < a href = "https://issues.apache.org/jira/browse/LOG4J2-3293" > https://issues.apache.org/jira/browse/LOG4J2-3293< / a > < br > < a href = "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143" > https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html" > https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-44832" > https://nvd.nist.gov/vuln/detail/CVE-2021-44832< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20220104-0001/" > https://security.netapp.com/advisory/ntap-20220104-0001/< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5222-1" > https://ubuntu.com/security/notices/USN-5222-1< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < / details > |
| org.apache.logging.log4j:log4j-core | CVE-2020-9488 | LOW | 2.4.1 | 2.13.2 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-9488" > https://access.redhat.com/security/cve/CVE-2020-9488< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488< / a > < br > < a href = "https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)" > https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)< / a > < br > < a href = "https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)" > https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)< / a > < br > < a href = "https://github.com/advisories/GHSA-vwqq-5vrc-xw9h" > https://github.com/advisories/GHSA-vwqq-5vrc-xw9h< / a > < br > < a href = "https://issues.apache.org/jira/browse/LOG4J2-2819" > https://issues.apache.org/jira/browse/LOG4J2-2819< / a > < br > < a href = "https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E" > https://lists.apache.org/thread.html/r0a2699f724156a558afd1abb6c044fb9132caa66dce861b82699722a@%3Cjira.kafka.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r0df3d7a5acb98c57e64ab9266aa21eeee1d9b399addb96f9cf1cbe05@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E" > https://lists.apache.org/thread.html/r1fc73f0e16ec2fa249d3ad39a5194afb9cc5afb4c023dc0bab5a5881@%3Cissues.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E" > https://lists.apache.org/thread.html/r22a56beb76dd8cf18e24fda9072f1e05990f49d6439662d3782a392f@%3Cissues.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E" > https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r2f209d271349bafd91537a558a279c08ebcff8fa3e547357d58833e6@%3Cdev.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E" > https://lists.apache.org/thread.html/r33864a0fc171c1c4bf680645ebb6d4f8057899ab294a43e1e4fe9d04@%3Cissues.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E" > https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E" > https://lists.apache.org/thread.html/r3d1d00441c55144a4013adda74b051ae7864128ebcfb6ee9721a2eb3@%3Cissues.hive.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E" > https://lists.apache.org/thread.html/r4285398e5585a0456d3d9db021a4fce6e6fcf3ec027dfa13a450ec98@%3Cissues.zookeeper.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E" > https://lists.apache.org/thread.html/r45916179811a32cbaa500f972de9098e6ee80ee81c7f134fce83e03a@%3Cissues.flink.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5648 | CRITICAL | 8.5.6 | 7.0.76, 8.0.42, 8.5.12, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://www.debian.org/security/2017/dsa-3842" > http://www.debian.org/security/2017/dsa-3842< / a > < br > < a href = "http://www.debian.org/security/2017/dsa-3843" > http://www.debian.org/security/2017/dsa-3843< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2017/04/10/23" > http://www.openwall.com/lists/oss-security/2017/04/10/23< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2020/07/20/8" > http://www.openwall.com/lists/oss-security/2020/07/20/8< / a > < br > < a href = "http://www.securityfocus.com/bid/97530" > http://www.securityfocus.com/bid/97530< / a > < br > < a href = "http://www.securitytracker.com/id/1038220" > http://www.securitytracker.com/id/1038220< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1801" > https://access.redhat.com/errata/RHSA-2017:1801< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1802" > https://access.redhat.com/errata/RHSA-2017:1802< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1809" > https://access.redhat.com/errata/RHSA-2017:1809< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-5648" > https://access.redhat.com/security/cve/CVE-2017-5648< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2017-5648.html" > https://linux.oracle.com/cve/CVE-2017-5648.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2017-1809.html" > https://linux.oracle.com/errata/ELSA-2017-1809.html< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5651 | CRITICAL | 8.5.6 | 8.5.13, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html< / a > < br > < a href = "http://www.securityfocus.com/bid/97544" > http://www.securityfocus.com/bid/97544< / a > < br > < a href = "http://www.securitytracker.com/id/1038219" > http://www.securitytracker.com/id/1038219< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-5651" > https://access.redhat.com/security/cve/CVE-2017-5651< / a > < br > < a href = "https://bz.apache.org/bugzilla/show_bug.cgi?id=60918" > https://bz.apache.org/bugzilla/show_bug.cgi?id=60918< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-5651" > https://nvd.nist.gov/vuln/detail/CVE-2017-5651< / a > < br > < a href = "https://security.gentoo.org/glsa/201705-09" > https://security.gentoo.org/glsa/201705-09< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180614-0001/" > https://security.netapp.com/advisory/ntap-20180614-0001/< / a > < br > < / details > |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8014 | CRITICAL | 8.5.6 | 9.0.9, 9.0.9, 9.0.9, 9.0.9, 8.0.53, 7.0.88 | < details > < summary > Expand...< / summary > < a href = "http://tomcat.apache.org/security-7.html" > http://tomcat.apache.org/security-7.html< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.89" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.89< / a > < br > < a href = "http://tomcat.apache.org/security-8.html" > http://tomcat.apache.org/security-8.html< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.53< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32< / a > < br > < a href = "http://tomcat.apache.org/security-9.html" > http://tomcat.apache.org/security-9.html< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.9" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.9< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/104203" > http://www.securityfocus.com/bid/104203< / a > < br > < a href = "http://www.securitytracker.com/id/1040998" > http://www.securitytracker.com/id/1040998< / a > < br > < a href = "http://www.securitytracker.com/id/1041888" > http://www.securitytracker.com/id/1041888< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2469" > https://access.redhat.com/errata/RHSA-2018:2469< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2470" > https://access.redhat.com/errata/RHSA-2018:2470< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:3768" > https://access.redhat.com/errata/RHSA-2018:3768< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0450" > https://access.redhat.com/errata/RHSA-2019:0450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0451" > https://access.redhat.com/errata/RHSA-2019:0451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1529" > https://access.redhat.com/errata/RHSA-2019:1529< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2205" > https://access.redhat.com/errata/RHSA-2019:2205< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-8014" > https://access.redhat.com/security/cve/CVE-2018-8014< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8014< / a > < br > < a href = "https://github.com/advisories/GHSA-r4x2-3cq5-hqvp" > https://github.com/advisories/GHSA-r4x2-3cq5-hqvp< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-8014.html" > https://linux.oracle.com/cve/CVE-2018-8014.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-2205.html" > https://linux.oracle.com/errata/ELSA-2019-2205.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf9
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-1938 | CRITICAL | 8.5.6 | 9.0.31, 9.0.31, 9.0.31, 7.0.100 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html" > http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html" > http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html< / a > < br > < a href = "http://support.blackberry.com/kb/articleDetail?articleNumber=000062739" > http://support.blackberry.com/kb/articleDetail?articleNumber=000062739< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-1938" > https://access.redhat.com/security/cve/CVE-2020-1938< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938< / a > < br > < a href = "https://github.com/advisories/GHSA-c9hw-wf7x-jp9j" > https://github.com/advisories/GHSA-c9hw-wf7x-jp9j< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-1938.html" > https://linux.oracle.com/cve/CVE-2020-1938.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-0912.html" > https://linux.oracle.com/errata/ELSA-2020-0912.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r089dc67c0358a1556dd279c762c74f32d7a254a54836b7ee2d839d8e@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r17aaa3a05b5b7fe9075613dd0c681efa60a4f8c8fbad152c61371b6e@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r38a5b7943b9a62ecb853acc22ef08ff586a7b3c66e08f949f0396ab1@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r43faacf64570b1d9a4bada407a5af3b2738b0c007b905f1b6b608c65@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r47caef01f663106c2bb81d116b8380d62beac9e543dd3f3bc2c2beda@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r4afa11e0464408e68f0e9560e90b185749363a66398b1491254f7864@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r4f86cb260196e5cfcbbe782822c225ddcc70f54560f14a8f11c6926f@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r549b43509e387a42656f0641fa311bf27c127c244fe02007d5b8d6f6@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r57f5e4ced436ace518a9e222fabe27fb785f09f5bf974814cc48ca97@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5e2f1201b92ee05a0527cfc076a81ea0c270be299b87895c0ddbe02b@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thre
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2016-8745 | HIGH | 8.5.6 | 7.0.75, 8.0.41, 8.5.9, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://rhn.redhat.com/errata/RHSA-2017-0457.html" > http://rhn.redhat.com/errata/RHSA-2017-0457.html< / a > < br > < a href = "http://rhn.redhat.com/errata/RHSA-2017-0527.html" > http://rhn.redhat.com/errata/RHSA-2017-0527.html< / a > < br > < a href = "http://www.debian.org/security/2017/dsa-3754" > http://www.debian.org/security/2017/dsa-3754< / a > < br > < a href = "http://www.debian.org/security/2017/dsa-3755" > http://www.debian.org/security/2017/dsa-3755< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2016/12/12/1" > http://www.openwall.com/lists/oss-security/2016/12/12/1< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html< / a > < br > < a href = "http://www.securityfocus.com/bid/94828" > http://www.securityfocus.com/bid/94828< / a > < br > < a href = "http://www.securitytracker.com/id/1037432" > http://www.securitytracker.com/id/1037432< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:0455" > https://access.redhat.com/errata/RHSA-2017:0455< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:0456" > https://access.redhat.com/errata/RHSA-2017:0456< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:0935" > https://access.redhat.com/errata/RHSA-2017:0935< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2016-8745" > https://access.redhat.com/security/cve/CVE-2016-8745< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2016-8745.html" > https://linux.oracle.com/cve/CVE-2016-8745.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2017-0935.html" > https://linux.oracle.com/errata/ELSA-2017-0935.html< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/4113c05d37f37c12b8033205684f04033c5f7a9bae117d4af23b32b4@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.o
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-12617 | HIGH | 8.5.6 | 7.0.52, 7.0.78, 7.0.82, 8.0.3, 8.0.5, 8.0.8, 8.0.47, 8.5.23, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" > http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.securityfocus.com/bid/100954" > http://www.securityfocus.com/bid/100954< / a > < br > < a href = "http://www.securitytracker.com/id/1039552" > http://www.securitytracker.com/id/1039552< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3080" > https://access.redhat.com/errata/RHSA-2017:3080< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3081" > https://access.redhat.com/errata/RHSA-2017:3081< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3113" > https://access.redhat.com/errata/RHSA-2017:3113< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3114" > https://access.redhat.com/errata/RHSA-2017:3114< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0268" > https://access.redhat.com/errata/RHSA-2018:0268< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0269" > https://access.redhat.com/errata/RHSA-2018:0269< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0270" > https://access.redhat.com/errata/RHSA-2018:0270< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0271" > https://access.redhat.com/errata/RHSA-2018:0271< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0275" > https://access.redhat.com/errata/RHSA-2018:0275< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0465" > https://access.redhat.com/errata/RHSA-2018:0465< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0466" > https://access.redhat.com/errata/RHSA-2018:0466< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-12617" > https://access.redhat.com/security/cve/CVE-2017-12617< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2017-12617.html" > https://linux.oracle.com/cve/CVE-2017-12617.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2017-3081.html" > https://linux.oracle.com/errata/ELSA-2017-3081.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https:/
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5650 | HIGH | 8.5.6 | 8.5.13, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html< / a > < br > < a href = "http://www.securityfocus.com/bid/97531" > http://www.securityfocus.com/bid/97531< / a > < br > < a href = "http://www.securitytracker.com/id/1038217" > http://www.securitytracker.com/id/1038217< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-5650" > https://access.redhat.com/security/cve/CVE-2017-5650< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/d24303fb095db072740d8154b0f0db3f2b8f67bc91a0562dbe89c738@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-5650" > https://nvd.nist.gov/vuln/detail/CVE-2017-5650< / a > < br > < a href = "https://security.gentoo.org/glsa/201705-09" > https://security.gentoo.org/glsa/201705-09< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180614-0001/" > https://security.netapp.com/advisory/ntap-20180614-0001/< / a > < br > < / details > |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-5664 | HIGH | 8.5.6 | 7.0.52, 7.0.78, 8.0.8, 8.0.44, 8.5.15, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch" > http://apt.inguza.net/wheezy-security/tomcat/tomcat8-CVE-2017-5664.patch< / a > < br > < a href = "http://www.debian.org/security/2017/dsa-3891" > http://www.debian.org/security/2017/dsa-3891< / a > < br > < a href = "http://www.debian.org/security/2017/dsa-3892" > http://www.debian.org/security/2017/dsa-3892< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" > http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html< / a > < br > < a href = "http://www.securityfocus.com/bid/98888" > http://www.securityfocus.com/bid/98888< / a > < br > < a href = "http://www.securitytracker.com/id/1038641" > http://www.securitytracker.com/id/1038641< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1801" > https://access.redhat.com/errata/RHSA-2017:1801< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1802" > https://access.redhat.com/errata/RHSA-2017:1802< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:1809" > https://access.redhat.com/errata/RHSA-2017:1809< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2493" > https://access.redhat.com/errata/RHSA-2017:2493< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2494" > https://access.redhat.com/errata/RHSA-2017:2494< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2633" > https://access.redhat.com/errata/RHSA-2017:2633< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2635" > https://access.redhat.com/errata/RHSA-2017:2635< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2636" > https://access.redhat.com/errata/RHSA-2017:2636< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2637" > https://access.redhat.com/errata/RHSA-2017:2637< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2638" > https://access.redhat.com/errata/RHSA-2017:2638< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3080" > https://access.redhat.com/errata/RHSA-2017:3080< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-5664" > https://access.redhat.com/security/cve/CVE-2017-5664< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5664< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2017-5664.html" > https://linux.oracle.com/cve/CVE-2017-5664.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2017-3080.html" > https://linux.oracle.com/errata/ELSA-2017-3080.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2017-7675 | HIGH | 8.5.6 | 8.5.16, 9.0.1 | < details > < summary > Expand...< / summary > < a href = "http://www.debian.org/security/2017/dsa-3974" > http://www.debian.org/security/2017/dsa-3974< / a > < br > < a href = "http://www.securityfocus.com/bid/100256" > http://www.securityfocus.com/bid/100256< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-7675" > https://access.redhat.com/security/cve/CVE-2017-7675< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5f8ab8a02f3610bd56ea2b0d69af25cbde451d79c46276c350e05a15@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/d3a5818e8af731bde6a05ef031ed3acc093c6dd7c4bfcc4936eafd6c@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-7675" > https://nvd.nist.gov/vuln/detail/CVE-2017-7675< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180614-0003/" > https://security.netapp.com/advisory/ntap-20180614-0003/< / a > < br > < a href = "https://tomcat.apache.org/security-8.html" > https://tomcat.apache.org/security-8.html< / a > < br > < / details > |
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1336 | HIGH | 8.5.6 | 9.0.8, 9.0.8, 9.0.8, 9.0.8, 8.0.51, 7.0.87 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E" > http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E< / a > < br > < a href = "http://www.securityfocus.com/bid/104898" > http://www.securityfocus.com/bid/104898< / a > < br > < a href = "http://www.securitytracker.com/id/1041375" > http://www.securitytracker.com/id/1041375< / a > < br > < a href = "https://access.redhat.com/errata/RHEA-2018:2188" > https://access.redhat.com/errata/RHEA-2018:2188< / a > < br > < a href = "https://access.redhat.com/errata/RHEA-2018:2189" > https://access.redhat.com/errata/RHEA-2018:2189< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2700" > https://access.redhat.com/errata/RHSA-2018:2700< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2701" > https://access.redhat.com/errata/RHSA-2018:2701< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2740" > https://access.redhat.com/errata/RHSA-2018:2740< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2741" > https://access.redhat.com/errata/RHSA-2018:2741< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2742" > https://access.redhat.com/errata/RHSA-2018:2742< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2743" > https://access.redhat.com/errata/RHSA-2018:2743< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2921" > https://access.redhat.com/errata/RHSA-2018:2921< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2930" > https://access.redhat.com/errata/RHSA-2018:2930< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2945" > https://access.redhat.com/errata/RHSA-2018:2945< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:3768" > https://access.redhat.com/errata/RHSA-2018:3768< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1336" > https://access.redhat.com/security/cve/CVE-2018-1336< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1336< / a > < br > < a href = "https://github.com/advisories/GHSA-m59c-jpc8-m2x4" > https://github.com/advisories/GHSA-m59c-jpc8-m2x4< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-1336.html" > https://linux.oracle.com/cve/CVE-2018-1336.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2018-2921.html" > https://linux.oracle.com/errata/ELSA-2018-2921.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8034 | HIGH | 8.5.6 | 9.0.10, 9.0.10, 9.0.10, 9.0.10, 8.0.53, 7.0.90 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283@minotaur.apache.org%3E" > http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283@minotaur.apache.org%3E< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/104895" > http://www.securityfocus.com/bid/104895< / a > < br > < a href = "http://www.securitytracker.com/id/1041374" > http://www.securitytracker.com/id/1041374< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0130" > https://access.redhat.com/errata/RHSA-2019:0130< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0131" > https://access.redhat.com/errata/RHSA-2019:0131< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0450" > https://access.redhat.com/errata/RHSA-2019:0450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0451" > https://access.redhat.com/errata/RHSA-2019:0451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1159" > https://access.redhat.com/errata/RHSA-2019:1159< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1160" > https://access.redhat.com/errata/RHSA-2019:1160< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1161" > https://access.redhat.com/errata/RHSA-2019:1161< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1162" > https://access.redhat.com/errata/RHSA-2019:1162< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1529" > https://access.redhat.com/errata/RHSA-2019:1529< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2205" > https://access.redhat.com/errata/RHSA-2019:2205< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3892" > https://access.redhat.com/errata/RHSA-2019:3892< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-8034" > https://access.redhat.com/security/cve/CVE-2018-8034< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8034< / a > < br > < a href = "https://github.com/advisories/GHSA-46j3-r4pj-4835" > https://github.com/advisories/GHSA-46j3-r4pj-4835< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-8034.html" > https://linux.oracle.com/cve/CVE-2018-8034.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-2205.html" > https://linux.oracle.com/errata/ELSA-2019-2205.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > ht
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0199 | HIGH | 8.5.6 | 9.0.16, 9.0.16 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html" > http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html" > http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00013.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html" > http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html< / a > < br > < a href = "http://www.securityfocus.com/bid/107674" > http://www.securityfocus.com/bid/107674< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3929" > https://access.redhat.com/errata/RHSA-2019:3929< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3931" > https://access.redhat.com/errata/RHSA-2019:3931< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-0199" > https://access.redhat.com/security/cve/CVE-2019-0199< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0199< / a > < br > < a href = "https://github.com/advisories/GHSA-qcxh-w3j9-58qr" > https://github.com/advisories/GHSA-qcxh-w3j9-58qr< / a > < br > < a href = "https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/158ab719cf60448ddbb074798f09152fdb572fc8f781e70a56118d1a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/4c438fa4c78cb1ce8979077f668ab7145baf83e7c59f2faf7eccf094@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/7bb193bc68b28d21ff1c726fd38bea164deb6333b59eec2eb3661da6@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/9fe25f98bac6d66f8a663a15c37a98bc2d8f8bbed1d408791a3e4067@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/a7a201bd23e67fd3326c9b22b814dd0537d3270b3b54a768e2e7ef50@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/ac0185ce240a711b542a55bccf9349ab0c2f343d70cf7835e08fabc9@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/cf4eb2bd2083cebb3602a293c653f9a7faa96c86f672c876f25b37ef@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dddb3590bac28fbe89f69f5ccbe26283d014ddc691abdd042de14600@%3Cannounce.tomcat.apache.org%3
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0232 | HIGH | 8.5.6 | 9.0.17, 9.0.17, 9.0.17, 7.0.94 | < details > < summary > Expand...< / summary > < a href = "http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html" > http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2019/May/4" > http://seclists.org/fulldisclosure/2019/May/4< / a > < br > < a href = "http://www.securityfocus.com/bid/107906" > http://www.securityfocus.com/bid/107906< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1712" > https://access.redhat.com/errata/RHSA-2019:1712< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-0232" > https://access.redhat.com/security/cve/CVE-2019-0232< / a > < br > < a href = "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/" > https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/< / a > < br > < a href = "https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html" > https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html< / a > < br > < a href = "https://github.com/advisories/GHSA-8vmx-qmch-mpqg" > https://github.com/advisories/GHSA-8vmx-qmch-mpqg< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E" > https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E" > https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E" > https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E" > https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E" > https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-10072 | HIGH | 8.5.6 | 8.5.40, 9.0.20 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html" > http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.41" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.41< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.20" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.20< / a > < br > < a href = "http://www.securityfocus.com/bid/108874" > http://www.securityfocus.com/bid/108874< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3929" > https://access.redhat.com/errata/RHSA-2019:3929< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3931" > https://access.redhat.com/errata/RHSA-2019:3931< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-10072" > https://access.redhat.com/security/cve/CVE-2019-10072< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072< / a > < br > < a href = "https://github.com/advisories/GHSA-q4hg-rmq2-52q9" > https://github.com/advisories/GHSA-q4hg-rmq2-52q9< / a > < br > < a href = "https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-10072" > https://nvd.nist.gov/vuln/detail/CVE-2019-10072< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20190625-0002/" > https://security.netapp.com/advisory/ntap-20190625-0002/< / a > < br > < a href = "https://support.f5.com/csp/article/K17321505" > https://support.f5.com/csp/article/K17321505< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4128-1" > https://ubuntu.com/security/notices/USN-4128-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4128-2" > https://ubuntu.com/security/notices/USN-4128-2< / a > < br > < a href = "https://usn.ubuntu.com/4128-1/" > https://usn.ubuntu.com/4128-1/< / a > < br > < a href = "https://usn.ubuntu.com/4128-2/" > https://usn.ubuntu.com/4128-2/< / a > < br > < a href = "https://www.debian.org/security/2020/dsa-4680" > https://www.debian.org/security/2020/dsa-4680< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2020.html" > https://www.oracle.com/security-alerts/cpuapr2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htm
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-12418 | HIGH | 8.5.6 | 7.0.99, 8.5.49, 9.0.29 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html" > http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html< / a > < br > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-users/201912.mbox/%3C3f42d82c-d9e9-8893-9820-df4e420e5c4e@apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-users/201912.mbox/%3C3f42d82c-d9e9-8893-9820-df4e420e5c4e@apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.49" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.49< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.29" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.29< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-12418" > https://access.redhat.com/security/cve/CVE-2019-12418< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418< / a > < br > < a href = "https://github.com/advisories/GHSA-hh3j-x4mc-g48r" > https://github.com/advisories/GHSA-hh3j-x4mc-g48r< / a > < br > < a href = "https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html" > https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html" > https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-12418" > https://nvd.nist.gov/vuln/detail/CVE-2019-12418< / a > < br > < a href = "https://seclists.org/bugtraq/2019/Dec/43" > https://seclists.org/bugtraq/2019/Dec/43< / a > < br > < a href = "https://security.gentoo.org/glsa/202003-43" > https://security.gentoo.org/glsa/202003-43< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200107-0001/" > https://security.netapp.com/advisory/ntap-20200107-0001/< / a > < br > < a href = "https://support.f5.com/csp/article/K10107360?utm_source=f5support&amp;utm_medium=RSS" > https://support.f5.com/csp/article/K10107360?utm_source=f5support& amp;utm_medium=RSS< / a > < br > < a href = "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99" > https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4251-1" > https://ubuntu.com/security/notices/USN-4251-1< / a > < br > < a href =
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-17563 | HIGH | 8.5.6 | 7.0.99, 8.5.50, 9.0.30 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html" > http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html< / a > < br > < a href = "http://mail-archives.apache.org/mod_mbox/www-announce/201912.mbox/%3C21b7a375-7297-581b-1f8e-06622d36775b@apache.org%3E" > http://mail-archives.apache.org/mod_mbox/www-announce/201912.mbox/%3C21b7a375-7297-581b-1f8e-06622d36775b@apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.30" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.30< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-17563" > https://access.redhat.com/security/cve/CVE-2019-17563< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563< / a > < br > < a href = "https://github.com/advisories/GHSA-9xcj-c8cr-8c3c" > https://github.com/advisories/GHSA-9xcj-c8cr-8c3c< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2019-17563.html" > https://linux.oracle.com/cve/CVE-2019-17563.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-4004.html" > https://linux.oracle.com/errata/ELSA-2020-4004.html< / a > < br > < a href = "https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/8b4c1db8300117b28a0f3f743c0b9e3f964687a690cdf9662a884bbd%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E" > https://lists.apache.org/thread.html/reb9a66f176df29b9a832caa95ebd9ffa3284e8f4922ec4fa3ad8eb2e@%3Cissues.cxf.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html" > https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html" > https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2019-17563" > https://nvd.nist.gov/vuln/detail/CVE-2019-17563< / a > < br > < a href = "https://seclists.org/bugtraq/2019/Dec/43" > https://seclists.org/bugtraq/2019/Dec/43< / a > < br > < a href = "https://security.gentoo.org/glsa/202003-43" > https://security.gentoo.org/glsa/202003-43< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200107-0001/" > https://security.netapp.com/advisory/ntap-20200107-0001/< / a > < br > < a href = "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.99" > https://tomcat.apache.org/security-7.html#Fixed_in_Ap
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-13934 | HIGH | 8.5.6 | 8.5.57, 9.0.37 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html" > http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html" > http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html< / a > < br > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3Cad62f54e-8fd7-e326-25f1-3bdf1ffa3818%40apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7" > http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-13934" > https://access.redhat.com/security/cve/CVE-2020-13934< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934< / a > < br > < a href = "https://github.com/advisories/GHSA-vf77-8h7g-gghp" > https://github.com/advisories/GHSA-vf77-8h7g-gghp< / a > < br > < a href = "https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" > https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-13934" > https://nvd.nist.gov/vuln/detail/CVE-2020-13934< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200724-0003/" > https://security.netapp.com/advisory/ntap-20200724-0003/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4596-1" > https://ubuntu.com/security/notices/USN-4596-1< / a > < br > < a href = "https://usn.ubuntu.com/4596-1/" > https://usn.ubuntu.com/4596-1/< / a > < br > < a href = "https://www.debian.org/security/2020/dsa-4727" > https://www.debian.org/security/2020/dsa-4727< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2020/07/14/4" > https://www.openwall.com/lists/oss-security/2020/07/14/4< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2020.html" > https://www.oracle.com/security-alerts/cpuoct2020.html< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-17527 | HIGH | 8.5.6 | 8.5.60, 9.0.40, 10.0.2 | < details > < summary > Expand...< / summary > < a href = "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10" > http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M10< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2020/12/03/3" > http://www.openwall.com/lists/oss-security/2020/12/03/3< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-17527" > https://access.redhat.com/security/cve/CVE-2020-17527< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17527< / a > < br > < a href = "https://github.com/advisories/GHSA-vvw4-rfwf-p6hx" > https://github.com/advisories/GHSA-vvw4-rfwf-p6hx< / a > < br > < a href = "https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)" > https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)< / a > < br > < a href = "https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)" > https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)< / a > < br > < a href = "https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r26a2a66339087fc37db3caf201e446d3e83b5cce314371e235ff1784@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r2d6e05c5ff96f8068a59dfdb3800e9ee8d4e36ce1971783c6e5f9b20@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r5a285242737ddef4d338236328aaaf3237183e1465a5efafd16b99ed@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r9fd47f1b03e9b41d16a5cf72659b533887267d3398d963c2fff3abfa@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E" > https://lists.apache.org/thread.html/ra35c8d617b17d59f400112cebadec43ad379f98198b4a9726190d7ee@%3Cissues.guacamole.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/ra9fcdb904dd2e2256ef90b3e4ced279cd464cb0ab63a6c64df5c010d@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rabbe6b3ae6a9795641d7a05c00d2378d5bbbe4240b7e20f09b092cce@%3Cissues.guacamole.apache.org%3E" > htt
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-9484 | HIGH | 8.5.6 | 7.0.104, 8.5.55, 9.0.35, 10.0.0-M5 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html" > http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html< / a > < br > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202005.mbox/%3Ce3a0a517-bf82-ba62-0af6-24b83ea0e4e2%40apache.org%3E< / a > < br > < a href = "http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html" > http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2020/Jun/6" > http://seclists.org/fulldisclosure/2020/Jun/6< / a > < br > < a href = "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5" > http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M5< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.35< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/03/01/2" > http://www.openwall.com/lists/oss-security/2021/03/01/2< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-9484" > https://access.redhat.com/security/cve/CVE-2020-9484< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484< / a > < br > < a href = "https://github.com/advisories/GHSA-344f-f5vg-2jfj" > https://github.com/advisories/GHSA-344f-f5vg-2jfj< / a > < br > < a href = "https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222 (9.0.35)" > https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222 (9.0.35)< / a > < br > < a href = "https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06 (7.0.104)" > https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06 (7.0.104)< / a > < br > < a href = "https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b (10.0.0-M5)" > https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b (10.0.0-M5)< / a > < br > < a href = "https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f (8.5.55)" > https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f (8.5.55)< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" > https://kc.mcafee.com/corporate/index?page=content& id=SB10332< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-9484.html" > https://linux.oracle.com/cve/CVE-2020-9484.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-2530.html" > https://linux.oracle.com/errata/ELSA-2020-2530.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.ht
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-25122 | HIGH | 8.5.6 | 8.5.63, 9.0.43, 10.0.2 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3Cb7626398-5e6d-1639-4e9e-e41b34af84de%40apache.org%3E< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/03/01/1" > http://www.openwall.com/lists/oss-security/2021/03/01/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-25122" > https://access.redhat.com/security/cve/CVE-2021-25122< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25122< / a > < br > < a href = "https://github.com/advisories/GHSA-j39c-c8hj-x4j3" > https://github.com/advisories/GHSA-j39c-c8hj-x4j3< / a > < br > < a href = "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-25122" > https://nvd.nist.gov/vuln/detail/CVE-2021-25122< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210409-0002/" > https://security.netapp.com/advisory/ntap-20210409-0002/< / a > < br > < a href = "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2" > https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.2< / a > < br > < a href = "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63" > https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.63< / a > < br > < a href = "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43" > https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.43< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-5360-1" > https://ubuntu.com/security/notices/USN-5360-1< / a > < br > < a href = "https://www.debian.org/
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-25329 | HIGH | 8.5.6 | 7.0.108, 8.5.63, 9.0.43, 10.0.2 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202103.mbox/%3C811bba77-e74e-9f9b-62ca-5253a09ba84f%40apache.org%3E< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/03/01/2" > http://www.openwall.com/lists/oss-security/2021/03/01/2< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-25329" > https://access.redhat.com/security/cve/CVE-2021-25329< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25329< / a > < br > < a href = "https://github.com/advisories/GHSA-jgwr-3qm3-26f3" > https://github.com/advisories/GHSA-jgwr-3qm3-26f3< / a > < br > < a href = "https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4" > https://github.com/apache/tomcat/commit/6d66e99ef85da93e4d2c2a536ca51aa3418bfaf4< / a > < br > < a href = "https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-25329" > https://nvd.nist.gov/vuln/detail/CVE-2021-25329< / a > < br > < a href = "https://security.netapp.com/
2022-03-30 20:23:21 +00:00
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-11784 | MEDIUM | 8.5.6 | 8.5.34, 8.5.34, 9.0.12 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html" > http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html" > http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html< / a > < br > < a href = "http://packetstormsecurity.com/files/163456/Apache-Tomcat-9.0.0M1-Open-Redirect.html" > http://packetstormsecurity.com/files/163456/Apache-Tomcat-9.0.0M1-Open-Redirect.html< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.91" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.91< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.34" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.34< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.12" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.12< / a > < br > < a href = "http://www.securityfocus.com/bid/105524" > http://www.securityfocus.com/bid/105524< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0130" > https://access.redhat.com/errata/RHSA-2019:0130< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0131" > https://access.redhat.com/errata/RHSA-2019:0131< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:0485" > https://access.redhat.com/errata/RHSA-2019:0485< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1529" > https://access.redhat.com/errata/RHSA-2019:1529< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-11784" > https://access.redhat.com/security/cve/CVE-2018-11784< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11784< / a > < br > < a href = "https://github.com/advisories/GHSA-5q99-f34m-67gc" > https://github.com/advisories/GHSA-5q99-f34m-67gc< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10284" > https://kc.mcafee.com/corporate/index?page=content& id=SB10284< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-11784.html" > https://linux.oracle.com/cve/CVE-2018-11784.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-1529.html" > https://linux.oracle.com/errata/ELSA-2019-1529.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1304 | MEDIUM | 8.5.6 | 9.0.5, 9.0.5, 9.0.5, 9.0.5, 8.0.51, 7.0.86 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103170" > http://www.securityfocus.com/bid/103170< / a > < br > < a href = "http://www.securitytracker.com/id/1040427" > http://www.securitytracker.com/id/1040427< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0465" > https://access.redhat.com/errata/RHSA-2018:0465< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0466" > https://access.redhat.com/errata/RHSA-2018:0466< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1320" > https://access.redhat.com/errata/RHSA-2018:1320< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1447" > https://access.redhat.com/errata/RHSA-2018:1447< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1448" > https://access.redhat.com/errata/RHSA-2018:1448< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1449" > https://access.redhat.com/errata/RHSA-2018:1449< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1450" > https://access.redhat.com/errata/RHSA-2018:1450< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1451" > https://access.redhat.com/errata/RHSA-2018:1451< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2205" > https://access.redhat.com/errata/RHSA-2019:2205< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1304" > https://access.redhat.com/security/cve/CVE-2018-1304< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304< / a > < br > < a href = "https://github.com/advisories/GHSA-6rxj-58jh-436r" > https://github.com/advisories/GHSA-6rxj-58jh-436r< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-1304.html" > https://linux.oracle.com/cve/CVE-2018-1304.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-2205.html" > https://linux.oracle.com/errata/ELSA-2019-2205.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/845312a10aabbe2c499fca9400
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-1305 | MEDIUM | 8.5.6 | 9.0.5, 9.0.5, 9.0.5, 7.0.85 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103144" > http://www.securityfocus.com/bid/103144< / a > < br > < a href = "http://www.securitytracker.com/id/1040428" > http://www.securitytracker.com/id/1040428< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0465" > https://access.redhat.com/errata/RHSA-2018:0465< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:0466" > https://access.redhat.com/errata/RHSA-2018:0466< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1320" > https://access.redhat.com/errata/RHSA-2018:1320< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:2205" > https://access.redhat.com/errata/RHSA-2019:2205< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1305" > https://access.redhat.com/security/cve/CVE-2018-1305< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305< / a > < br > < a href = "https://github.com/advisories/GHSA-jx6h-3fjx-cgv5" > https://github.com/advisories/GHSA-jx6h-3fjx-cgv5< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-1305.html" > https://linux.oracle.com/cve/CVE-2018-1305.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-2205.html" > https://linux.oracle.com/errata/ELSA-2019-2205.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2018-8037 | MEDIUM | 8.5.6 | 9.0.10, 9.0.10 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E" > http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E< / a > < br > < a href = "http://mail-archives.us.apache.org/mod_mbox/www-announce/201808.mbox/%3C0c616b4d-4e81-e7f8-b81d-1bb4c575aa33%40apache.org%3E" > http://mail-archives.us.apache.org/mod_mbox/www-announce/201808.mbox/%3C0c616b4d-4e81-e7f8-b81d-1bb4c575aa33%40apache.org%3E< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/104894" > http://www.securityfocus.com/bid/104894< / a > < br > < a href = "http://www.securitytracker.com/id/1041376" > http://www.securitytracker.com/id/1041376< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2867" > https://access.redhat.com/errata/RHSA-2018:2867< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2868" > https://access.redhat.com/errata/RHSA-2018:2868< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:1529" > https://access.redhat.com/errata/RHSA-2019:1529< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-8037" > https://access.redhat.com/security/cve/CVE-2018-8037< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8037< / a > < br > < a href = "https://github.com/advisories/GHSA-6v52-mj5r-7j2m" > https://github.com/advisories/GHSA-6v52-mj5r-7j2m< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2018-8037.html" > https://linux.oracle.com/cve/CVE-2018-8037.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2019-1529.html" > https://linux.oracle.com/errata/ELSA-2019-1529.html< / a > < br > < a href = "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/2ee3af8a43cb019e7898c9330cc8e73306553a27f2e4735dfb522d39@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/2ee3af8a43cb019e7898c9330cc8e73306553a27f2e4735dfb522d39@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/5d15316dfb4adf75d96d394745f8037533fa3bcc1ac8f619bf5c044c@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/5d15316dfb4adf75d96d394745f8037533fa3bcc1ac8f619bf5c044c@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E< / a > < br > < a hre
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2019-0221 | MEDIUM | 8.5.6 | 9.0.17, 9.0.17, 9.0.17, 7.0.94 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html" > http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html" > http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html< / a > < br > < a href = "http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html" > http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html< / a > < br > < a href = "http://seclists.org/fulldisclosure/2019/May/50" > http://seclists.org/fulldisclosure/2019/May/50< / a > < br > < a href = "http://www.securityfocus.com/bid/108545" > http://www.securityfocus.com/bid/108545< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3929" > https://access.redhat.com/errata/RHSA-2019:3929< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2019:3931" > https://access.redhat.com/errata/RHSA-2019:3931< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2019-0221" > https://access.redhat.com/security/cve/CVE-2019-0221< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221< / a > < br > < a href = "https://github.com/advisories/GHSA-jjpq-gp5q-8q6w" > https://github.com/advisories/GHSA-jjpq-gp5q-8q6w< / a > < br > < a href = "https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html" > https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html" > https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/" > https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/< / a > < br > < a href = "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/" > https://lists.fedo
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2020-1935 | MEDIUM | 8.5.6 | 7.0.100, 8.5.51, 9.0.31 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html" > http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-1935" > https://access.redhat.com/security/cve/CVE-2020-1935< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935< / a > < br > < a href = "https://github.com/advisories/GHSA-qxf4-chvg-4r8r" > https://github.com/advisories/GHSA-qxf4-chvg-4r8r< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-1935.html" > https://linux.oracle.com/cve/CVE-2020-1935.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-5020.html" > https://linux.oracle.com/errata/ELSA-2020-5020.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce4240e91323211f1a2d75@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83aff181671b7e9076919@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7748f19f8210f745b1@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140fe37af0bb294158b6@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4d146d63dfce1e05e7@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E" > https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743@%3Ccommits.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66db03a31dfe77c4b18@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html" > https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html" > https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-1935" > https://nvd.nist.gov/vuln/detail/CVE-2020-1935< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200327-0005/" > https://security.netapp.com/advisory/ntap-20200327-0005/< / a > < br > < a href = "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100" > https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100< / a > < br > < a href = "https://tomcat.apache.org/s
| org.apache.tomcat.embed:tomcat-embed-core | CVE-2021-24122 | MEDIUM | 8.5.6 | 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/01/14/1" > http://www.openwall.com/lists/oss-security/2021/01/14/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-24122" > https://access.redhat.com/security/cve/CVE-2021-24122< / a > < br > < a href = "https://github.com/advisories/GHSA-2rvv-w9r2-rg7m" > https://github.com/advisories/GHSA-2rvv-w9r2-rg7m< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-24122" > https://nvd.nist.gov/vuln/detail/CVE-2021-24122< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210212-0008/" > https://security.netapp.com/advisory/ntap-20210212-0008/< / a > < br > < / details > |
| org.apache.tomcat.embed:tomcat-embed-websocket | CVE-2020-13935 | HIGH | 8.5.6 | 7.0.105, 8.5.57, 9.0.37, 10.0.2 | < details > < summary > Expand...< / summary > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html" > http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html< / a > < br > < a href = "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html" > http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html< / a > < br > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7" > http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2020-13935" > https://access.redhat.com/security/cve/CVE-2020-13935< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935< / a > < br > < a href = "https://github.com/advisories/GHSA-m7jv-hq7h-mq7c" > https://github.com/advisories/GHSA-m7jv-hq7h-mq7c< / a > < br > < a href = "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" > https://kc.mcafee.com/corporate/index?page=content& id=SB10332< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2020-13935.html" > https://linux.oracle.com/cve/CVE-2020-13935.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-4004.html" > https://linux.oracle.com/errata/ELSA-2020-4004.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" > https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-13935" > https://nvd.nist.gov/vuln/detail/CVE-2020-13935< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20200724-0003/" > https://security.netapp.com/advisory/ntap-20200724-0003/< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4448-1" > https://ubuntu.com/security/notices/USN-4448-1< / a > < br > < a href = "https://ubuntu.com/security/notices/USN-4596-1" > https://ubuntu.com/security/notices/USN-4596-1< / a > < br > < a href = "https://usn.ubuntu.com/4448-1/" > https://usn.ubuntu.com/4448-1/< / a > < br > < a href = "https://usn.ubuntu.com/4596-1/" > https://usn.ubuntu.com/4596-1/< / a > < br > < a href = "https://www.debian.org/security/2020/dsa-4727" > https://www.debian.org/security/2020/dsa-4727< / a > < br > < a href = "https://www.openwall.com/lists/oss-security/2020/07/14/3" > https://www.openwall.com/lists/oss-security/2020/07/14/3< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/securi
| org.apache.tomcat.embed:tomcat-embed-websocket | CVE-2021-24122 | MEDIUM | 8.5.6 | 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E" > http://mail-archives.apache.org/mod_mbox/tomcat-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E< / a > < br > < a href = "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107" > http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.107< / a > < br > < a href = "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60" > http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.60< / a > < br > < a href = "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40" > http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.40< / a > < br > < a href = "http://www.openwall.com/lists/oss-security/2021/01/14/1" > http://www.openwall.com/lists/oss-security/2021/01/14/1< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2021-24122" > https://access.redhat.com/security/cve/CVE-2021-24122< / a > < br > < a href = "https://github.com/advisories/GHSA-2rvv-w9r2-rg7m" > https://github.com/advisories/GHSA-2rvv-w9r2-rg7m< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E" > https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E" > https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html" > https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2021-24122" > https://nvd.nist.gov/vuln/detail/CVE-2021-24122< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20210212-0008/" > https://security.netapp.com/advisory/ntap-20210212-0008/< / a > < br > < / details > |
| org.codehaus.groovy:groovy | CVE-2020-17521 | MEDIUM | 2.4.7 | 2.4.21, 2.5.14, 3.0.7 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-17521" > https://access.redhat.com/security/cve/CVE-2020-17521< / a > < br > < a href = "https://github.com/advisories/GHSA-rcjj-h6gh-jf3r" > https://github.com/advisories/GHSA-rcjj-h6gh-jf3r< / a > < br > < a href = "https://github.com/apache/groovy/commit/bcbe5c4c76db83736166530647c024ac1e47ef28" > https://github.com/apache/groovy/commit/bcbe5c4c76db83736166530647c024ac1e47ef28< / a > < br > < a href = "https://github.com/apache/groovy/pull/1425" > https://github.com/apache/groovy/pull/1425< / a > < br > < a href = "https://groovy-lang.org/security.html#CVE-2020-17521" > https://groovy-lang.org/security.html#CVE-2020-17521< / a > < br > < a href = "https://lists.apache.org/thread.html/r4b2f13c302eec98838ff7475253091fb9b75bc1038016ba00ebf6c08@%3Cdev.atlas.apache.org%3E" > https://lists.apache.org/thread.html/r4b2f13c302eec98838ff7475253091fb9b75bc1038016ba00ebf6c08@%3Cdev.atlas.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3E" > https://lists.apache.org/thread.html/ra9dab34bf8625511f23692ad0fcee2725f782e9aad6c5cdff6cf4465@%3Cnotifications.groovy.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rea63a4666ba245d2892471307772a2d8ce0f0741f341d6576625c1b3@%3Cdev.atlas.apache.org%3E" > https://lists.apache.org/thread.html/rea63a4666ba245d2892471307772a2d8ce0f0741f341d6576625c1b3@%3Cdev.atlas.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-17521" > https://nvd.nist.gov/vuln/detail/CVE-2020-17521< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20201218-0006/" > https://security.netapp.com/advisory/ntap-20201218-0006/< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuApr2021.html" > https://www.oracle.com/security-alerts/cpuApr2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2022.html" > https://www.oracle.com/security-alerts/cpujan2022.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < / details > |
| org.hibernate:hibernate-core | CVE-2020-25638 | HIGH | 5.0.11.Final | 5.3.20.Final, 5.4.24.Final | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-25638" > https://access.redhat.com/security/cve/CVE-2020-25638< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1881353" > https://bugzilla.redhat.com/show_bug.cgi?id=1881353< / a > < br > < a href = "https://github.com/advisories/GHSA-j8jw-g6fq-mp7h" > https://github.com/advisories/GHSA-j8jw-g6fq-mp7h< / a > < br > < a href = "https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44@%3Cdev.turbine.apache.org%3E" > https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44@%3Cdev.turbine.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf2378209c676a28b71f9b604a3b3517c448540b85367160e558ef9df@%3Ccommits.turbine.apache.org%3E" > https://lists.apache.org/thread.html/rf2378209c676a28b71f9b604a3b3517c448540b85367160e558ef9df@%3Ccommits.turbine.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/01/msg00000.html" > https://lists.debian.org/debian-lts-announce/2021/01/msg00000.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-25638" > https://nvd.nist.gov/vuln/detail/CVE-2020-25638< / a > < br > < a href = "https://www.debian.org/security/2021/dsa-4908" > https://www.debian.org/security/2021/dsa-4908< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < / details > |
| org.hibernate:hibernate-validator | CVE-2017-7536 | HIGH | 5.2.4.Final | 5.2.5.Final, 5.3.6.Final, 5.4.2.Final | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/101048" > http://www.securityfocus.com/bid/101048< / a > < br > < a href = "http://www.securitytracker.com/id/1039744" > http://www.securitytracker.com/id/1039744< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2808" > https://access.redhat.com/errata/RHSA-2017:2808< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2809" > https://access.redhat.com/errata/RHSA-2017:2809< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2810" > https://access.redhat.com/errata/RHSA-2017:2810< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:2811" > https://access.redhat.com/errata/RHSA-2017:2811< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3141" > https://access.redhat.com/errata/RHSA-2017:3141< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3454" > https://access.redhat.com/errata/RHSA-2017:3454< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3455" > https://access.redhat.com/errata/RHSA-2017:3455< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3456" > https://access.redhat.com/errata/RHSA-2017:3456< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3458" > https://access.redhat.com/errata/RHSA-2017:3458< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2740" > https://access.redhat.com/errata/RHSA-2018:2740< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2741" > https://access.redhat.com/errata/RHSA-2018:2741< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2742" > https://access.redhat.com/errata/RHSA-2018:2742< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2743" > https://access.redhat.com/errata/RHSA-2018:2743< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2927" > https://access.redhat.com/errata/RHSA-2018:2927< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:3817" > https://access.redhat.com/errata/RHSA-2018:3817< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-7536" > https://access.redhat.com/security/cve/CVE-2017-7536< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=1465573" > https://bugzilla.redhat.com/show_bug.cgi?id=1465573< / a > < br > < a href = "https://github.com/advisories/GHSA-xxgp-pcfc-3vgc" > https://github.com/advisories/GHSA-xxgp-pcfc-3vgc< / a > < br > < a href = "https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b" > https://github.com/hibernate/hibernate-validator/commit/0778a5c98b817771a645c6f4ba0b28dd8b5437b< / a > < br > < a href = "https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac" > https://github.com/hibernate/hibernate-validator/commit/0886e89900d343ea20fde5137c9a3086e6da9ac< / a > < br > < a href = "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" > https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2017-7536" > https://nvd.nist.gov/vuln/detail/CVE-2017-7536< / a > < br > < / details > |
| org.hibernate:hibernate-validator | CVE-2020-10693 | MEDIUM | 5.2.4.Final | 6.0.20.Final, 6.1.5.Final, 7.0.0.CR1 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2020-10693" > https://access.redhat.com/security/cve/CVE-2020-10693< / a > < br > < a href = "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693" > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693< / a > < br > < a href = "https://github.com/advisories/GHSA-rmrm-75hp-phr2" > https://github.com/advisories/GHSA-rmrm-75hp-phr2< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2020-10693" > https://nvd.nist.gov/vuln/detail/CVE-2020-10693< / a > < br > < a href = "https://www.ibm.com/support/pages/node/6348216" > https://www.ibm.com/support/pages/node/6348216< / a > < br > < / details > |
| org.springframework.boot:spring-boot | CVE-2017-8046 | CRITICAL | 1.4.2.RELEASE | 1.5.9.RELEASE | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/100948" > http://www.securityfocus.com/bid/100948< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2405" > https://access.redhat.com/errata/RHSA-2018:2405< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2017-8046" > https://access.redhat.com/security/cve/CVE-2017-8046< / a > < br > < a href = "https://jira.spring.io/browse/DATAREST-1127" > https://jira.spring.io/browse/DATAREST-1127< / a > < br > < a href = "https://jira.spring.io/browse/DATAREST-1152" > https://jira.spring.io/browse/DATAREST-1152< / a > < br > < a href = "https://pivotal.io/security/cve-2017-8046" > https://pivotal.io/security/cve-2017-8046< / a > < br > < a href = "https://www.exploit-db.com/exploits/44289/" > https://www.exploit-db.com/exploits/44289/< / a > < br > < / details > |
| org.springframework.boot:spring-boot | CVE-2018-1196 | MEDIUM | 1.4.2.RELEASE | 1.5.10.RELEASE | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2018-1196" > https://access.redhat.com/security/cve/CVE-2018-1196< / a > < br > < a href = "https://github.com/advisories/GHSA-xx65-cc7g-9pfp" > https://github.com/advisories/GHSA-xx65-cc7g-9pfp< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1196" > https://nvd.nist.gov/vuln/detail/CVE-2018-1196< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1196" > https://pivotal.io/security/cve-2018-1196< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| org.springframework.boot:spring-boot | GMS-2022-560 | UNKNOWN | 1.4.2.RELEASE | 2.5.12, 2.6.6 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-36p3-wjmg-h94x" > https://github.com/advisories/GHSA-36p3-wjmg-h94x< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12" > https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6" > https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15" > https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE" > https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18" > https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22965" > https://nvd.nist.gov/vuln/detail/CVE-2022-22965< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22965" > https://tanzu.vmware.com/security/cve-2022-22965< / a > < br > < / details > |
| org.springframework.boot:spring-boot | GMS-2022-561 | UNKNOWN | 1.4.2.RELEASE | 2.5.12, 2.6.6 | < details > < summary > Expand...< / summary > < a href = "https://github.com/advisories/GHSA-36p3-wjmg-h94x" > https://github.com/advisories/GHSA-36p3-wjmg-h94x< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12" > https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6" > https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15" > https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE" > https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18" > https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22965" > https://nvd.nist.gov/vuln/detail/CVE-2022-22965< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22965" > https://tanzu.vmware.com/security/cve-2022-22965< / a > < br > < / details > |
| org.springframework.boot:spring-boot-starter-web | CVE-2022-22965 | CRITICAL | 1.4.2.RELEASE | 2.6.6, 2.5.12 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22965" > https://access.redhat.com/security/cve/CVE-2022-22965< / a > < br > < a href = "https://github.com/advisories/GHSA-36p3-wjmg-h94x" > https://github.com/advisories/GHSA-36p3-wjmg-h94x< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12" > https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6" > https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15" > https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE" > https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18" > https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22965" > https://nvd.nist.gov/vuln/detail/CVE-2022-22965< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22965" > https://tanzu.vmware.com/security/cve-2022-22965< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67< / a > < br > < a href = "https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html" > https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html< / a > < br > < a href = "https://www.praetorian.com/blog/spring-core-jdk9-rce/" > https://www.praetorian.com/blog/spring-core-jdk9-rce/< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| org.springframework.data:spring-data-commons | CVE-2018-1273 | CRITICAL | 1.12.5.RELEASE | 2.0.6.RELEASE | < details > < summary > Expand...< / summary > < a href = "http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E" > http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1273" > https://access.redhat.com/security/cve/CVE-2018-1273< / a > < br > < a href = "https://github.com/advisories/GHSA-4fq3-mr56-cg6r" > https://github.com/advisories/GHSA-4fq3-mr56-cg6r< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1273" > https://nvd.nist.gov/vuln/detail/CVE-2018-1273< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1273" > https://pivotal.io/security/cve-2018-1273< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| org.springframework:spring-beans | CVE-2022-22965 | CRITICAL | 4.3.4.RELEASE | 5.3.18, 5.2.20 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22965" > https://access.redhat.com/security/cve/CVE-2022-22965< / a > < br > < a href = "https://github.com/advisories/GHSA-36p3-wjmg-h94x" > https://github.com/advisories/GHSA-36p3-wjmg-h94x< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12" > https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6" > https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15" > https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE" > https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18" > https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22965" > https://nvd.nist.gov/vuln/detail/CVE-2022-22965< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22965" > https://tanzu.vmware.com/security/cve-2022-22965< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67< / a > < br > < a href = "https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html" > https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html< / a > < br > < a href = "https://www.praetorian.com/blog/spring-core-jdk9-rce/" > https://www.praetorian.com/blog/spring-core-jdk9-rce/< / a > < br > < / details > |
2022-03-30 20:23:21 +00:00
| org.springframework:spring-core | CVE-2018-1270 | CRITICAL | 4.3.4.RELEASE | 4.3.16, 5.0.5 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103696" > http://www.securityfocus.com/bid/103696< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1270" > https://access.redhat.com/security/cve/CVE-2018-1270< / a > < br > < a href = "https://bugs.launchpad.net/ubuntu/+source/saaj/+bug/1814133" > https://bugs.launchpad.net/ubuntu/+source/saaj/+bug/1814133< / a > < br > < a href = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1270" > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1270< / a > < br > < a href = "https://github.com/advisories/GHSA-p5hg-3xm3-gcjg" > https://github.com/advisories/GHSA-p5hg-3xm3-gcjg< / a > < br > < a href = "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" > https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1270" > https://nvd.nist.gov/vuln/detail/CVE-2018-1270< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1270" > https://pivotal.io/security/cve-2018-1270< / a > < br > < a href = "https://www.exploit-db.com/exploits/44796/" > https://www.exploit-db.com/exploits/44796/< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-1275 | CRITICAL | 4.3.4.RELEASE | 5.0.5, 4.3.16 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103771" > http://www.securityfocus.com/bid/103771< / a > < br > < a href = "http://www.securitytracker.com/id/1041301" > http://www.securitytracker.com/id/1041301< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1320" > https://access.redhat.com/errata/RHSA-2018:1320< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1275" > https://access.redhat.com/security/cve/CVE-2018-1275< / a > < br > < a href = "https://github.com/advisories/GHSA-3rmv-2pg5-xvqj" > https://github.com/advisories/GHSA-3rmv-2pg5-xvqj< / a > < br > < a href = "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1275" > https://nvd.nist.gov/vuln/detail/CVE-2018-1275< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1275" > https://pivotal.io/security/cve-2018-1275< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2016-9878 | HIGH | 4.3.4.RELEASE | 4.3.5, 4.2.9, 3.2.18 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" > http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" > http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.securityfocus.com/bid/95072" > http://www.securityfocus.com/bid/95072< / a > < br > < a href = "http://www.securitytracker.com/id/1040698" > http://www.securitytracker.com/id/1040698< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2017:3115" > https://access.redhat.com/errata/RHSA-2017:3115< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2016-9878" > https://access.redhat.com/security/cve/CVE-2016-9878< / a > < br > < a href = "https://github.com/advisories/GHSA-2m8h-fgr8-2q9w" > https://github.com/advisories/GHSA-2m8h-fgr8-2q9w< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html" > https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2016-9878" > https://nvd.nist.gov/vuln/detail/CVE-2016-9878< / a > < br > < a href = "https://pivotal.io/security/cve-2016-9878" > https://pivotal.io/security/cve-2016-9878< / a > < br > < a href = "https://security.netapp.com/advisory/ntap-20180419-0002/" > https://security.netapp.com/advisory/ntap-20180419-0002/< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-1199 | HIGH | 4.3.4.RELEASE | 5.0.3, 4.3.14 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/errata/RHSA-2018:2405" > https://access.redhat.com/errata/RHSA-2018:2405< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1199" > https://access.redhat.com/security/cve/CVE-2018-1199< / a > < br > < a href = "https://github.com/advisories/GHSA-v596-fwhq-8x48" > https://github.com/advisories/GHSA-v596-fwhq-8x48< / a > < br > < a href = "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1199" > https://nvd.nist.gov/vuln/detail/CVE-2018-1199< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1199" > https://pivotal.io/security/cve-2018-1199< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-1272 | HIGH | 4.3.4.RELEASE | 5.0.5, 4.3.15 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103697" > http://www.securityfocus.com/bid/103697< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1320" > https://access.redhat.com/errata/RHSA-2018:1320< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2669" > https://access.redhat.com/errata/RHSA-2018:2669< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1272" > https://access.redhat.com/security/cve/CVE-2018-1272< / a > < br > < a href = "https://exchange.xforce.ibmcloud.com/vulnerabilities/141286" > https://exchange.xforce.ibmcloud.com/vulnerabilities/141286< / a > < br > < a href = "https://github.com/advisories/GHSA-4487-x383-qpph" > https://github.com/advisories/GHSA-4487-x383-qpph< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1272" > https://nvd.nist.gov/vuln/detail/CVE-2018-1272< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1272" > https://pivotal.io/security/cve-2018-1272< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-15756 | HIGH | 4.3.4.RELEASE | 4.3.20, 5.0.10, 5.1.1 | < details > < summary > Expand...< / summary > < a href = "http://www.securityfocus.com/bid/105703" > http://www.securityfocus.com/bid/105703< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-15756" > https://access.redhat.com/security/cve/CVE-2018-15756< / a > < br > < a href = "https://github.com/advisories/GHSA-ffvq-7w96-97p7" > https://github.com/advisories/GHSA-ffvq-7w96-97p7< / a > < br > < a href = "https://lists.apache.org/thread.html/339fd112517e4873695b5115b96acdddbfc8f83b10598528d37c7d12@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/339fd112517e4873695b5115b96acdddbfc8f83b10598528d37c7d12@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/8a1fe70534fc52ff5c9db5ac29c55657f802cbefd7e9d9850c7052bd@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/8a1fe70534fc52ff5c9db5ac29c55657f802cbefd7e9d9850c7052bd@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/a3071e11c6fbd593022074ec1b4693f6d948c2b02cfa4a5d854aed68@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/a3071e11c6fbd593022074ec1b4693f6d948c2b02cfa4a5d854aed68@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/bb354962cb51fff65740d5fb1bc2aac56af577c06244b57c36f98e4d@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/bb354962cb51fff65740d5fb1bc2aac56af577c06244b57c36f98e4d@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/d6a84f52db89804b0ad965f3ea2b24bb880edee29107a1c5069cc3dd@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/d6a84f52db89804b0ad965f3ea2b24bb880edee29107a1c5069cc3dd@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc@%3Cissues.activemq.apache.org%3E" > https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc@%3Cissues.activemq.apache.org%3E< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-15756" > https://nvd.nist.gov/vuln/detail/CVE-2018-15756< / a > < br > < a href = "https://pivotal.io/security/cve-2018-15756" > https://pivotal.io/security/cve-2018-15756< / a > < br > < a href = "https://www.oracle.com//security-alerts/cpujul2021.html" > https://www.oracle.com//security-alerts/cpujul2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuapr2020.html" > https://www.oracle.com/security-alerts/cpuapr2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2021.html" > https://www.oracle.com/security-alerts/cpujan2021.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/
| org.springframework:spring-core | CVE-2018-11039 | MEDIUM | 4.3.4.RELEASE | 4.3.18, 5.0.7 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/107984" > http://www.securityfocus.com/bid/107984< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-11039" > https://access.redhat.com/security/cve/CVE-2018-11039< / a > < br > < a href = "https://github.com/advisories/GHSA-9gcm-f4x3-8jpw" > https://github.com/advisories/GHSA-9gcm-f4x3-8jpw< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-11039" > https://nvd.nist.gov/vuln/detail/CVE-2018-11039< / a > < br > < a href = "https://pivotal.io/security/cve-2018-11039" > https://pivotal.io/security/cve-2018-11039< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" > https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-11040 | MEDIUM | 4.3.4.RELEASE | 4.3.18, 5.0.7 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-11040" > https://access.redhat.com/security/cve/CVE-2018-11040< / a > < br > < a href = "https://github.com/advisories/GHSA-f26x-pr96-vw86" > https://github.com/advisories/GHSA-f26x-pr96-vw86< / a > < br > < a href = "https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html" > https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-11040" > https://nvd.nist.gov/vuln/detail/CVE-2018-11040< / a > < br > < a href = "https://pivotal.io/security/cve-2018-11040" > https://pivotal.io/security/cve-2018-11040< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" > https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-1257 | MEDIUM | 4.3.4.RELEASE | 4.3.17, 5.0.6 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/104260" > http://www.securityfocus.com/bid/104260< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1809" > https://access.redhat.com/errata/RHSA-2018:1809< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:3768" > https://access.redhat.com/errata/RHSA-2018:3768< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1257" > https://access.redhat.com/security/cve/CVE-2018-1257< / a > < br > < a href = "https://github.com/advisories/GHSA-rcpf-vj53-7h2m" > https://github.com/advisories/GHSA-rcpf-vj53-7h2m< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1257" > https://nvd.nist.gov/vuln/detail/CVE-2018-1257< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1257" > https://pivotal.io/security/cve-2018-1257< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujan2020.html" > https://www.oracle.com/security-alerts/cpujan2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" > https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
| org.springframework:spring-core | CVE-2018-1271 | MEDIUM | 4.3.4.RELEASE | 4.3.15, 5.0.5 | < details > < summary > Expand...< / summary > < a href = "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" > http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html< / a > < br > < a href = "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" > http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html< / a > < br > < a href = "http://www.securityfocus.com/bid/103699" > http://www.securityfocus.com/bid/103699< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:1320" > https://access.redhat.com/errata/RHSA-2018:1320< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2669" > https://access.redhat.com/errata/RHSA-2018:2669< / a > < br > < a href = "https://access.redhat.com/errata/RHSA-2018:2939" > https://access.redhat.com/errata/RHSA-2018:2939< / a > < br > < a href = "https://access.redhat.com/security/cve/CVE-2018-1271" > https://access.redhat.com/security/cve/CVE-2018-1271< / a > < br > < a href = "https://github.com/advisories/GHSA-g8hw-794c-4j9g" > https://github.com/advisories/GHSA-g8hw-794c-4j9g< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2018-1271" > https://nvd.nist.gov/vuln/detail/CVE-2018-1271< / a > < br > < a href = "https://pivotal.io/security/cve-2018-1271" > https://pivotal.io/security/cve-2018-1271< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpujul2020.html" > https://www.oracle.com/security-alerts/cpujul2020.html< / a > < br > < a href = "https://www.oracle.com/security-alerts/cpuoct2021.html" > https://www.oracle.com/security-alerts/cpuoct2021.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" > https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html< / a > < br > < a href = "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" > https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html< / a > < br > < / details > |
2022-04-12 17:24:36 +00:00
| org.springframework:spring-core | CVE-2022-22950 | MEDIUM | 4.3.4.RELEASE | 5.2.20, 5.3.16 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22950" > https://access.redhat.com/security/cve/CVE-2022-22950< / a > < br > < a href = "https://github.com/advisories/GHSA-558x-2xjg-6232" > https://github.com/advisories/GHSA-558x-2xjg-6232< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22950" > https://nvd.nist.gov/vuln/detail/CVE-2022-22950< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22950" > https://tanzu.vmware.com/security/cve-2022-22950< / a > < br > < / details > |
2022-04-03 16:31:59 +00:00
| org.springframework:spring-webmvc | CVE-2022-22965 | CRITICAL | 4.3.4.RELEASE | 5.3.18, 5.2.20 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2022-22965" > https://access.redhat.com/security/cve/CVE-2022-22965< / a > < br > < a href = "https://github.com/advisories/GHSA-36p3-wjmg-h94x" > https://github.com/advisories/GHSA-36p3-wjmg-h94x< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12" > https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12< / a > < br > < a href = "https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6" > https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15" > https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE" > https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE< / a > < br > < a href = "https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18" > https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18< / a > < br > < a href = "https://nvd.nist.gov/vuln/detail/CVE-2022-22965" > https://nvd.nist.gov/vuln/detail/CVE-2022-22965< / a > < br > < a href = "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005" > https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement< / a > < br > < a href = "https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds" > https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds< / a > < br > < a href = "https://tanzu.vmware.com/security/cve-2022-22965" > https://tanzu.vmware.com/security/cve-2022-22965< / a > < br > < a href = "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67" > https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67< / a > < br > < a href = "https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html" > https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html< / a > < br > < a href = "https://www.praetorian.com/blog/spring-core-jdk9-rce/" > https://www.praetorian.com/blog/spring-core-jdk9-rce/< / a > < br > < / details > |
| org.yaml:snakeyaml | CVE-2017-18640 | HIGH | 1.17 | 1.26 | < details > < summary > Expand...< / summary > < a href = "https://access.redhat.com/security/cve/CVE-2017-18640" > https://access.redhat.com/security/cve/CVE-2017-18640< / a > < br > < a href = "https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c" > https://bitbucket.org/asomov/snakeyaml/commits/da11ddbd91c1f8392ea932b37fa48110fa54ed8c< / a > < br > < a href = "https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion" > https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion< / a > < br > < a href = "https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack" > https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack< / a > < br > < a href = "https://bitbucket.org/asomov/snakeyaml/wiki/Changes" > https://bitbucket.org/asomov/snakeyaml/wiki/Changes< / a > < br > < a href = "https://github.com/advisories/GHSA-rvwf-54qp-4r6v" > https://github.com/advisories/GHSA-rvwf-54qp-4r6v< / a > < br > < a href = "https://linux.oracle.com/cve/CVE-2017-18640.html" > https://linux.oracle.com/cve/CVE-2017-18640.html< / a > < br > < a href = "https://linux.oracle.com/errata/ELSA-2020-4807.html" > https://linux.oracle.com/errata/ELSA-2020-4807.html< / a > < br > < a href = "https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E" > https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457@%3Ccommits.atlas.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E" > https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1@%3Ccommon-issues.hadoop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E" > https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc@%3Ccommon-issues.hadoop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E" > https://lists.apache.org/thread.html/r182e9cf6f3fb22b9be0cac4ff0685199741d2ab6e9a4e27a3693c224@%3Ccommon-issues.hadoop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/r191ceadb1b883357384981848dfa5235cb02a90070c553afbaf9b3d9@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E" > https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E" > https://lists.apache.org/thread.html/r1dfac8b6a7097bcb4979402bbb6e2f8c36d0d9001e3018717eb22b7e@%3Cdev.atlas.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/r1ffce2ed3017e9964f03ad2c539d69e49144fc8e9bf772d641612f98@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E" > https://lists.apache.org/thread.html/r20350031c60a77b45e0eded33e9b3e9cb0cbfc5e24e1c63bf264df12@%3Ccommits.cassandra.apache.org%3E< / a > < br > < a href = "https://lists.apache.org/thread.html/r22ac2aa05
