TrueChartsClone/charts/stable/ubooquity/security.md

168 lines
613 KiB
Markdown
Raw Normal View History

---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: ubooquity/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv001">https://avd.aquasec.com/appshield/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-ubooquity&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/appshield/ksv003">https://avd.aquasec.com/appshield/ksv003</a><br></details> |
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | <details><summary>Expand...</summary> Enforcing CPU limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;resources.limits.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv011">https://avd.aquasec.com/appshield/ksv011</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-ubooquity&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | <details><summary>Expand...</summary> When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;resources.requests.cpu&#39; </details>| <details><summary>Expand...</summary><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits">https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits</a><br><a href="https://avd.aquasec.com/appshield/ksv015">https://avd.aquasec.com/appshield/ksv015</a><br></details> |
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | <details><summary>Expand...</summary> When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;resources.requests.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv016">https://avd.aquasec.com/appshield/ksv016</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv017">https://avd.aquasec.com/appshield/ksv017</a><br></details> |
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | <details><summary>Expand...</summary> Enforcing memory limits prevents DoS via resource exhaustion. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;resources.limits.memory&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-resources-limits-memory/">https://kubesec.io/basics/containers-resources-limits-memory/</a><br><a href="https://avd.aquasec.com/appshield/ksv018">https://avd.aquasec.com/appshield/ksv018</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-ubooquity&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv020">https://avd.aquasec.com/appshield/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-ubooquity&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;hostpatch&#39; of Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/appshield/ksv021">https://avd.aquasec.com/appshield/ksv021</a><br></details> |
| Kubernetes Security Check | KSV023 | hostPath volumes mounted | MEDIUM | <details><summary>Expand...</summary> HostPath volumes must be forbidden. <br> <hr> <br> Deployment &#39;RELEASE-NAME-ubooquity&#39; should not set &#39;spec.template.volumes.hostPath&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/appshield/ksv023">https://avd.aquasec.com/appshield/ksv023</a><br></details> |
| Kubernetes Security Check | KSV029 | A root primary or supplementary GID set | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root primary or supplementary GID. <br> <hr> <br> Deployment &#39;RELEASE-NAME-ubooquity&#39; should set &#39;spec.securityContext.runAsGroup&#39;, &#39;spec.securityContext.supplementalGroups[*]&#39; and &#39;spec.securityContext.fsGroup&#39; to integer greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv029">https://avd.aquasec.com/appshield/ksv029</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/ubooquity:v2.1.2
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583 (alpine 3.15.2)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| busybox | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| ssl_client | CVE-2022-28391 | CRITICAL | 1.34.1-r4 | 1.34.1-r5 | <details><summary>Expand...</summary><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch</a><br><a href="https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch">https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch</a><br><a href="https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661">https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-28391">https://nvd.nist.gov/vuln/detail/CVE-2022-28391</a><br></details> |
| zlib | CVE-2018-25032 | HIGH | 1.2.11-r3 | 1.2.12-r0 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2022/03/25/2">http://www.openwall.com/lists/oss-security/2022/03/25/2</a><br><a href="http://www.openwall.com/lists/oss-security/2022/03/26/1">http://www.openwall.com/lists/oss-security/2022/03/26/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-25032">https://access.redhat.com/security/cve/CVE-2018-25032</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032</a><br><a href="https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531">https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531</a><br><a href="https://github.com/madler/zlib/compare/v1.2.11...v1.2.12">https://github.com/madler/zlib/compare/v1.2.11...v1.2.12</a><br><a href="https://github.com/madler/zlib/issues/605">https://github.com/madler/zlib/issues/605</a><br><a href="https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4">https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4</a><br><a href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5">https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5</a><br><a href="https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ">https://groups.google.com/g/ruby-security-ann/c/vX7qSjsvWis/m/TJWN4oOKBwAJ</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html">https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-25032">https://nvd.nist.gov/vuln/detail/CVE-2018-25032</a><br><a href="https://ubuntu.com/security/notices/USN-5355-1">https://ubuntu.com/security/notices/USN-5355-1</a><br><a href="https://ubuntu.com/security/notices/USN-5355-2">https://ubuntu.com/security/notices/USN-5355-2</a><br><a href="https://ubuntu.com/security/notices/USN-5359-1">https://ubuntu.com/security/notices/USN-5359-1</a><br><a href="https://www.debian.org/security/2022/dsa-5111">https://www.debian.org/security/2022/dsa-5111</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/24/1">https://www.openwall.com/lists/oss-security/2022/03/24/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/1">https://www.openwall.com/lists/oss-security/2022/03/28/1</a><br><a href="https://www.openwall.com/lists/oss-security/2022/03/28/3">https://www.openwall.com/lists/oss-security/2022/03/28/3</a><br></details> |
#### Container: Java
**jar**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| ch.qos.logback:logback-classic | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | <details><summary>Expand...</summary><a href="http://www.cvedetails.com/cve/CVE-2017-5929/">http://www.cvedetails.com/cve/CVE-2017-5929/</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1675">https://access.redhat.com/errata/RHSA-2017:1675</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1676">https://access.redhat.com/errata/RHSA-2017:1676</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1832">https://access.redhat.com/errata/RHSA-2017:1832</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5929">https://access.redhat.com/security/cve/CVE-2017-5929</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929</a><br><a href="https://github.com/advisories/GHSA-vmfg-rjjm-rjrj">https://github.com/advisories/GHSA-vmfg-rjjm-rjrj</a><br><a href="https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8">https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8</a><br><a href="https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E">https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e7701
| ch.qos.logback:logback-core | CVE-2017-5929 | CRITICAL | 1.1.3 | 1.2.0 | <details><summary>Expand...</summary><a href="http://www.cvedetails.com/cve/CVE-2017-5929/">http://www.cvedetails.com/cve/CVE-2017-5929/</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1675">https://access.redhat.com/errata/RHSA-2017:1675</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1676">https://access.redhat.com/errata/RHSA-2017:1676</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1832">https://access.redhat.com/errata/RHSA-2017:1832</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-5929">https://access.redhat.com/security/cve/CVE-2017-5929</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929</a><br><a href="https://github.com/advisories/GHSA-vmfg-rjjm-rjrj">https://github.com/advisories/GHSA-vmfg-rjjm-rjrj</a><br><a href="https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8">https://github.com/qos-ch/logback/commit/f46044b805bca91efe5fd6afe52257cd02f775f8</a><br><a href="https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/18d509024d9aeb07f0e9579066f80bf5d4dcf20467b0c240043890d1@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/a6db61616180d73711d6db25703085940026e2dbc40f153f9d22b203@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/fa4eaaa6ff41ac6f79811e053c152ee89b7c5da8a6ac848ae97df67f@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r0bb19330e48d5ad784fa20dacba9e5538d8d60f5cd9142e0f1432b4b@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r2a08573ddee4a86dc96d469485a5843a01710ee0dc2078dfca410c79@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E">https://lists.apache.org/thread.html/r2c2d57ca180e8173c90fe313ddf8eabbdcf8e3ae196f8b9f42599790@%3Ccommits.mnemonic.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r397bf63783240fbb5713389d3f889d287ae0c11509006700ac720037@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r4673642893562c58cbee60c151ded6c077e8a2d02296e862224a9161@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r632ec30791b441e2eb5a3129532bf1b689bf181d0ef7daf50bcf0fd6@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/r718f27bed898008a8e037d9cc848cfc1df4d18abcbaee0cb0c142cfb@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r967953a14e05016bc4bcae9ef3dd92e7701811
| ch.qos.logback:logback-core | CVE-2021-42550 | MEDIUM | 1.1.3 | | <details><summary>Expand...</summary><a href="http://logback.qos.ch/news.html">http://logback.qos.ch/news.html</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-42550">https://access.redhat.com/security/cve/CVE-2021-42550</a><br><a href="https://cve.report/CVE-2021-42550">https://cve.report/CVE-2021-42550</a><br><a href="https://github.com/advisories/GHSA-668q-qrv7-99fm">https://github.com/advisories/GHSA-668q-qrv7-99fm</a><br><a href="https://github.com/cn-panda/logbackRceDemo">https://github.com/cn-panda/logbackRceDemo</a><br><a href="https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html">https://github.com/qos-ch/logback/blob/1502cba4c1dfd135b2e715bc0cf80c0045d4d128/logback-site/src/site/pages/news.html</a><br><a href="https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c">https://github.com/qos-ch/logback/commit/87291079a1de9369ac67e20dc70a8fdc7cc4359c</a><br><a href="https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42">https://github.com/qos-ch/logback/commit/ef4fc4186b74b45ce80d86833820106ff27edd42</a><br><a href="https://jira.qos.ch/browse/LOGBACK-1591">https://jira.qos.ch/browse/LOGBACK-1591</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42550">https://nvd.nist.gov/vuln/detail/CVE-2021-42550</a><br><a href="https://security.netapp.com/advisory/ntap-20211229-0001/">https://security.netapp.com/advisory/ntap-20211229-0001/</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-15095 | CRITICAL | 2.8.4 | 2.7.9.2, 2.8.10, 2.9.1 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103880">http://www.securityfocus.com/bid/103880</a><br><a href="http://www.securitytracker.com/id/1039769">http://www.securitytracker.com/id/1039769</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3189">https://access.redhat.com/errata/RHSA-2017:3189</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3190">https://access.redhat.com/errata/RHSA-2017:3190</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0576">https://access.redhat.com/errata/RHSA-2018:0576</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0577">https://access.redhat.com/errata/RHSA-2018:0577</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2927">https://access.redhat.com/errata/RHSA-2018:2927</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-15095">https://access.redhat.com/security/cve/CVE-2017-15095</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095</a><br><a href="https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43">https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/3bfbb835">https://github.com/FasterXML/jackson-databind/commit/3bfbb835</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ddfddfba">https://github.com/FasterXML/jackson-databind/commit/ddfddfba</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/e8f043d1">https://github.com/FasterXML/jackson-databind/commit/e8f043d1</a><br><a href="https://github.com/Fa
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-17485 | CRITICAL | 2.8.4 | 2.8.11, 2.9.4 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/archive/1/541652/100/0/threaded">http://www.securityfocus.com/archive/1/541652/100/0/threaded</a><br><a href="http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded">http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0116">https://access.redhat.com/errata/RHSA-2018:0116</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2930">https://access.redhat.com/errata/RHSA-2018:2930</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-17485">https://access.redhat.com/security/cve/CVE-2017-17485</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1855">https://github.com/FasterXML/jackson-databind/issues/1855</a><br><a href="https://github.com/advisories/GHSA-rfx6-vp9g-rh7v">https://github.com/advisories/GHSA-rfx6-vp9g-rh7v</a><br><a href="https://github.com/irsl/jackson-rce-via-spel/">https://github.com/irsl/jackson-rce-via-spel/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-17485">https://nvd.nist.gov/vuln/detail/CVE-2017-17485</a><br><a href="https://security.netapp.com/advisory/ntap-20180201-0003/">https://security.netapp.com/advisory/ntap-20180201-0003/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4114">https://www.debian.org/security/2018/dsa-4114</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2017-7525 | CRITICAL | 2.8.4 | 2.6.7.1, 2.7.9.1, 2.8.9 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/99623">http://www.securityfocus.com/bid/99623</a><br><a href="http://www.securitytracker.com/id/1039744">http://www.securitytracker.com/id/1039744</a><br><a href="http://www.securitytracker.com/id/1039947">http://www.securitytracker.com/id/1039947</a><br><a href="http://www.securitytracker.com/id/1040360">http://www.securitytracker.com/id/1040360</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1834">https://access.redhat.com/errata/RHSA-2017:1834</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1835">https://access.redhat.com/errata/RHSA-2017:1835</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1836">https://access.redhat.com/errata/RHSA-2017:1836</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1837">https://access.redhat.com/errata/RHSA-2017:1837</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1839">https://access.redhat.com/errata/RHSA-2017:1839</a><br><a href="https://access.redhat.com/errata/RHSA-2017:1840">https://access.redhat.com/errata/RHSA-2017:1840</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2477">https://access.redhat.com/errata/RHSA-2017:2477</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2546">https://access.redhat.com/errata/RHSA-2017:2546</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2547">https://access.redhat.com/errata/RHSA-2017:2547</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2633">https://access.redhat.com/errata/RHSA-2017:2633</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2635">https://access.redhat.com/errata/RHSA-2017:2635</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2636">https://access.redhat.com/errata/RHSA-2017:2636</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2637">https://access.redhat.com/errata/RHSA-2017:2637</a><br><a href="https://access.redhat.com/errata/RHSA-2017:2638">https://access.redhat.com/errata/RHSA-2017:2638</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3141">https://access.redhat.com/errata/RHSA-2017:3141</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3454">https://access.redhat.com/errata/RHSA-2017:3454</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3455">https://access.redhat.com/errata/RHSA-2017:3455</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3456">https://access.redhat.com/errata/RHSA-2017:3456</a><br><a href="https://access.redhat.com/errata/RHSA-2017:3458">https://access.redhat.com/errata/RHSA-2017:3458</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0294">https://access.redhat.com/errata/RHSA-2018:0294</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0342">https://access.redhat.com/errata/RHSA-2018:0342</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0910">https://access.redhat.com/errata/RHSA-2019:0910</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7525">https://access.redhat.com/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-11307 | CRITICAL | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11307">https://access.redhat.com/security/cve/CVE-2018-11307</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2032">https://github.com/FasterXML/jackson-databind/issues/2032</a><br><a href="https://github.com/advisories/GHSA-qr7j-h6gg-jmgc">https://github.com/advisories/GHSA-qr7j-h6gg-jmgc</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7525">https://nvd.nist.gov/vuln/detail/CVE-2017-7525</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-11307">https://nvd.nist.gov/vuln/detail/CVE-2018-11307</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14718 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106601">http://www.securityfocus.com/bid/106601</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14718">https://access.redhat.com/security/cve/CVE-2018-14718</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-645p-88qh-w398">https://github.com/advisories/GHSA-645p-88qh-w398</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissu
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14719 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14719">https://access.redhat.com/security/cve/CVE-2018-14719</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-4gq5-ch57-c2mg">https://github.com/advisories/GHSA-4gq5-ch57-c2mg</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html">https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-14719">https://nvd.nist.gov/vuln/detail/CVE-2018-14719</a><br><a href="https://seclists.org/bugtraq/2019/May/68"
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14720 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14720">https://access.redhat.com/security/cve/CVE-2018-14720</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-x2w5-5m2g-7h5m">https://github.com/advisories/GHSA-x2w5-5m2g-7h5m</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E">https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.a
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-14721 | CRITICAL | 2.8.4 | 2.6.7.2, 2.9.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-14721">https://access.redhat.com/security/cve/CVE-2018-14721</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44">https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2097">https://github.com/FasterXML/jackson-databind/issues/2097</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7</a><br><a href="https://github.com/advisories/GHSA-9mxf-g3x6-wv74">https://github.com/advisories/GHSA-9mxf-g3x6-wv74</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html">https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-14721">https://nvd.nist.gov/vuln/detail/CVE-2018-14721</a><br><a href="https://seclists.org/bugtraq/2019/May/68">https://seclists.org/bugtraq/2019/May/68</a><br><a href="https://security.netapp.com/advisory/ntap-20190530-0003/">https://security.netapp.com/advisory/ntap-20190530-0003/</a><br><a href="https://www.debian.org/security/2019/
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19360 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19360">https://access.redhat.com/security/cve/CVE-2018-19360</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-f9hv-mg5h-xcw9">https://github.com/advisories/GHSA-f9hv-mg5h-xcw9</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19361 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19361">https://access.redhat.com/security/cve/CVE-2018-19361</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-mx9v-gmh4-mgqw">https://github.com/advisories/GHSA-mx9v-gmh4-mgqw</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-19362 | CRITICAL | 2.8.4 | 2.6.7.3, 2.7.9.5, 2.8.11.3, 2.9.8 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107985">http://www.securityfocus.com/bid/107985</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-19362">https://access.redhat.com/security/cve/CVE-2018-19362</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b">https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2186">https://github.com/FasterXML/jackson-databind/issues/2186</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8</a><br><a href="https://github.com/advisories/GHSA-c8hm-7hpq-7jhg">https://github.com/advisories/GHSA-c8hm-7hpq-7jhg</a><br><a href="https://issues.apache.org/jira/browse/TINKERPOP-2121">https://issues.apache.org/jira/browse/TINKERPOP-2121</a><br><a href="https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-7489 | CRITICAL | 2.8.4 | 2.7.9.3, 2.8.11.1, 2.9.5 | <details><summary>Expand...</summary><a href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a><br><a href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a><br><a href="http://www.securityfocus.com/bid/103203">http://www.securityfocus.com/bid/103203</a><br><a href="http://www.securitytracker.com/id/1040693">http://www.securitytracker.com/id/1040693</a><br><a href="http://www.securitytracker.com/id/1041890">http://www.securitytracker.com/id/1041890</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1447">https://access.redhat.com/errata/RHSA-2018:1447</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1448">https://access.redhat.com/errata/RHSA-2018:1448</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1449">https://access.redhat.com/errata/RHSA-2018:1449</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1450">https://access.redhat.com/errata/RHSA-2018:1450</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1451">https://access.redhat.com/errata/RHSA-2018:1451</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1786">https://access.redhat.com/errata/RHSA-2018:1786</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2088">https://access.redhat.com/errata/RHSA-2018:2088</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2089">https://access.redhat.com/errata/RHSA-2018:2089</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2090">https://access.redhat.com/errata/RHSA-2018:2090</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2938">https://access.redhat.com/errata/RHSA-2018:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2939">https://access.redhat.com/errata/RHSA-2018:2939</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-7489">https://access.redhat.com/security/cve/CVE-2018-7489</a><br><a href="https://access.redhat.com/solutions/3442891">https://access.redhat.com/solutions/3442891</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2">https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1931">https://github.com/FasterXML/jackson-databind/issues/1931</a><br><a href="https://github.com/advisories/GHSA-cggj-fvv3-cqwv">https://github.com/advisories/GHSA-cggj-fvv3-cqwv</a><br><a href="https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-7489">https://nvd.nist.gov/vuln/detail/CVE-2018-7489</a><br><a href="https://security.netapp.com/advisory/ntap-20180328-0001/">https://security.netapp.com/advisory/ntap-20180328-0001/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4190">https://www.debian.org/security/2018/dsa-4190</a><br
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14379 | CRITICAL | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | <details><summary>Expand...</summary><a href="http://seclists.org/fulldisclosure/2022/Mar/23">http://seclists.org/fulldisclosure/2022/Mar/23</a><br><a href="https://access.redhat.com/errata/RHBA-2019:2824">https://access.redhat.com/errata/RHBA-2019:2824</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2743">https://access.redhat.com/errata/RHSA-2019:2743</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0727">https://access.redhat.com/errata/RHSA-2020:0727</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14379">https://access.redhat.com/security/cve/CVE-2019-14379</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b">https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2387">https://github.com/FasterXML/jackson-databind/issues/2387</a><br><a href="https://github.com/advisories/GHSA-6fpp-rgj9-8rwc">https://github.com/advisories/GHSA-6fpp-rgj9-8rwc</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E">https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E</a><br><a href="https://lists.apache.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14540 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14540">https://access.redhat.com/security/cve/CVE-2019-14540</a><br><a href="https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x">https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2410">https://github.com/FasterXML/jackson-databind/issues/2410</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2449">https://github.com/FasterXML/jackson-databind/issues/2449</a><br><a href="https://github.com/advisories/GHSA-h822-r4r5-v8jg">https://github.com/advisories/GHSA-h822-r4r5-v8jg</a><br><a href="https://linux.oracle.com/cve/CVE-2019-14540.html">https://linux.oracle.com/cve/CVE-2019-14540.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed11638949
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14892 | CRITICAL | 2.8.4 | 2.6.7.3, 2.8.11.5, 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14892">https://access.redhat.com/security/cve/CVE-2019-14892</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af">https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b">https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2462">https://github.com/FasterXML/jackson-databind/issues/2462</a><br><a href="https://github.com/advisories/GHSA-cf6r-3wgc-h863">https://github.com/advisories/GHSA-cf6r-3wgc-h863</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14892">https://nvd.nist.gov/vuln/detail/CVE-2019-14892</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0005/">https://security.netapp.com/advisory/ntap-20200904-0005/</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14893 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14893">https://access.redhat.com/security/cve/CVE-2019-14893</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893">https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317">https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2469">https://github.com/FasterXML/jackson-databind/issues/2469</a><br><a href="https://github.com/advisories/GHSA-qmqc-x3r4-6v39">https://github.com/advisories/GHSA-qmqc-x3r4-6v39</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-14893">https://nvd.nist.gov/vuln/detail/CVE-2019-14893</a><br><a href="https://security.netapp.com/advisory/ntap-20200327-0006/">https://security.netapp.com/advisory/ntap-20200327-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16335 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0729">https://access.redhat.com/errata/RHSA-2020:0729</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16335">https://access.redhat.com/security/cve/CVE-2019-16335</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2449">https://github.com/FasterXML/jackson-databind/issues/2449</a><br><a href="https://github.com/advisories/GHSA-85cw-hj65-qqv9">https://github.com/advisories/GHSA-85cw-hj65-qqv9</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16335.html">https://linux.oracle.com/cve/CVE-2019-16335.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E">https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/th
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16942 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16942">https://access.redhat.com/security/cve/CVE-2019-16942</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2478">https://github.com/FasterXML/jackson-databind/issues/2478</a><br><a href="https://github.com/advisories/GHSA-mx7p-6679-8g3q">https://github.com/advisories/GHSA-mx7p-6679-8g3q</a><br><a href="https://issues.apache.org/jira/browse/GEODE-7255">https://issues.apache.org/jira/browse/GEODE-7255</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16942.html">https://linux.oracle.com/cve/CVE-2019-16942.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/</
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-16943 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-16943">https://access.redhat.com/security/cve/CVE-2019-16943</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2478">https://github.com/FasterXML/jackson-databind/issues/2478</a><br><a href="https://github.com/advisories/GHSA-fmmc-742q-jg75">https://github.com/advisories/GHSA-fmmc-742q-jg75</a><br><a href="https://linux.oracle.com/cve/CVE-2019-16943.html">https://linux.oracle.com/cve/CVE-2019-16943.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E">https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E">https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html">https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/">https://lists.fedoraproject.org/archives/list/package-announce@lists.
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17267 | CRITICAL | 2.8.4 | 2.9.10 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17267">https://access.redhat.com/security/cve/CVE-2019-17267</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2460">https://github.com/FasterXML/jackson-databind/issues/2460</a><br><a href="https://github.com/advisories/GHSA-f3j5-rmmp-3fc5">https://github.com/advisories/GHSA-f3j5-rmmp-3fc5</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17267">https://nvd.nist.gov/vuln/detail/CVE-2019-17267</a><br><a href="https://security.netapp.com/advisory/ntap-20191017-0006/">https://security.netapp.com/advisory/ntap-20191017-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-17531 | CRITICAL | 2.8.4 | 2.9.10.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:4192">https://access.redhat.com/errata/RHSA-2019:4192</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0159">https://access.redhat.com/errata/RHSA-2020:0159</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0160">https://access.redhat.com/errata/RHSA-2020:0160</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0161">https://access.redhat.com/errata/RHSA-2020:0161</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0164">https://access.redhat.com/errata/RHSA-2020:0164</a><br><a href="https://access.redhat.com/errata/RHSA-2020:0445">https://access.redhat.com/errata/RHSA-2020:0445</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-17531">https://access.redhat.com/security/cve/CVE-2019-17531</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2498">https://github.com/FasterXML/jackson-databind/issues/2498</a><br><a href="https://github.com/advisories/GHSA-gjmw-vf9h-g25v">https://github.com/advisories/GHSA-gjmw-vf9h-g25v</a><br><a href="https://linux.oracle.com/cve/CVE-2019-17531.html">https://linux.oracle.com/cve/CVE-2019-17531.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2020-1644.html">https://linux.oracle.com/errata/ELSA-2020-1644.html</a><br><a href="https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html">https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-17531">https://nvd.nist.gov/vuln/detail/CVE-2019-17531</a><br><a href="https://security.netapp.com/advisory/ntap-20191024-0005/">https://security.netapp.com/advisory/ntap-20191024-0005/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-20330 | CRITICAL | 2.8.4 | 2.8.11.5, 2.9.10.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-20330">https://access.redhat.com/security/cve/CVE-2019-20330</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2526">https://github.com/FasterXML/jackson-databind/issues/2526</a><br><a href="https://github.com/advisories/GHSA-gww7-p5w4-wrfv">https://github.com/advisories/GHSA-gww7-p5w4-wrfv</a><br><a href="https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-8840 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.5, 2.9.10.3 | <details><summary>Expand...</summary><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en">http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en</a><br><a href="https://access.redhat.com/security/cve/CVE-2020-8840">https://access.redhat.com/security/cve/CVE-2020-8840</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b">https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497">https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f">https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2620">https://github.com/FasterXML/jackson-databind/issues/2620</a><br><a href="https://github.com/advisories/GHSA-4w82-r329-3q67">https://github.com/advisories/GHSA-4w82-r329-3q67</a><br><a href="https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E">https://lists.apache.org/threa
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9546 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9546">https://access.redhat.com/security/cve/CVE-2020-9546</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2631">https://github.com/FasterXML/jackson-databind/issues/2631</a><br><a href="https://github.com/advisories/GHSA-5p34-5m6p-p58g">https://github.com/advisories/GHSA-5p34-5m6p-p58g</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-9546">https://nvd.nist.gov/vuln/detail/CVE-2020-9546</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0006/">https://security.netapp.com/advisory/ntap-20200904-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9547 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9547">https://access.redhat.com/security/cve/CVE-2020-9547</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2634">https://github.com/FasterXML/jackson-databind/issues/2634</a><br><a href="https://github.com/advisories/GHSA-q93h-jc49-78gg">https://github.com/advisories/GHSA-q93h-jc49-78gg</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd0e958d6d5c5ee16efed73314cd0e445c8dbb4bdcc80fc9d1d6c11fc@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-9548 | CRITICAL | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-9548">https://access.redhat.com/security/cve/CVE-2020-9548</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2634">https://github.com/FasterXML/jackson-databind/issues/2634</a><br><a href="https://github.com/advisories/GHSA-p43x-xfjf-5jhr">https://github.com/advisories/GHSA-p43x-xfjf-5jhr</a><br><a href="https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E">https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html">https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-9548">https://nvd.nist.gov/vuln/detail/CVE-2020-9548</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0006/">https://security.netapp.com/advisory/ntap-20200904-0006/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12022 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/107585">http://www.securityfocus.com/bid/107585</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12022">https://access.redhat.com/security/cve/CVE-2018-12022</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1671098">https://bugzilla.redhat.com/show_bug.cgi?id=1671098</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a">https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2052">https://github.com/FasterXML/jackson-databind/issues/2052</a><br><a href="https://github.com/advisories/GHSA-cjjf-94ff-43w7">https://github.com/advisories/GHSA-cjjf-94ff-43w7</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/li
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-12023 | HIGH | 2.8.4 | 2.7.9.4, 2.8.11.2, 2.9.6 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/105659">http://www.securityfocus.com/bid/105659</a><br><a href="https://access.redhat.com/errata/RHBA-2019:0959">https://access.redhat.com/errata/RHBA-2019:0959</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0782">https://access.redhat.com/errata/RHSA-2019:0782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:0877">https://access.redhat.com/errata/RHSA-2019:0877</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1106">https://access.redhat.com/errata/RHSA-2019:1106</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1107">https://access.redhat.com/errata/RHSA-2019:1107</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1108">https://access.redhat.com/errata/RHSA-2019:1108</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1140">https://access.redhat.com/errata/RHSA-2019:1140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1782">https://access.redhat.com/errata/RHSA-2019:1782</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1797">https://access.redhat.com/errata/RHSA-2019:1797</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1822">https://access.redhat.com/errata/RHSA-2019:1822</a><br><a href="https://access.redhat.com/errata/RHSA-2019:1823">https://access.redhat.com/errata/RHSA-2019:1823</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2804">https://access.redhat.com/errata/RHSA-2019:2804</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3002">https://access.redhat.com/errata/RHSA-2019:3002</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3140">https://access.redhat.com/errata/RHSA-2019:3140</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3892">https://access.redhat.com/errata/RHSA-2019:3892</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4037">https://access.redhat.com/errata/RHSA-2019:4037</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12023">https://access.redhat.com/security/cve/CVE-2018-12023</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a">https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2058">https://github.com/FasterXML/jackson-databind/issues/2058</a><br><a href="https://github.com/advisories/GHSA-6wqp-v4v6-c87c">https://github.com/advisories/GHSA-6wqp-v4v6-c87c</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E">https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/">https://lists.fedoraproject.org/ar
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-5968 | HIGH | 2.8.4 | 2.7.9.5, 2.8.11.1, 2.9.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2018:0478">https://access.redhat.com/errata/RHSA-2018:0478</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0479">https://access.redhat.com/errata/RHSA-2018:0479</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0480">https://access.redhat.com/errata/RHSA-2018:0480</a><br><a href="https://access.redhat.com/errata/RHSA-2018:0481">https://access.redhat.com/errata/RHSA-2018:0481</a><br><a href="https://access.redhat.com/errata/RHSA-2018:1525">https://access.redhat.com/errata/RHSA-2018:1525</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-5968">https://access.redhat.com/security/cve/CVE-2018-5968</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/1899">https://github.com/FasterXML/jackson-databind/issues/1899</a><br><a href="https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05">https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05</a><br><a href="https://github.com/advisories/GHSA-w3f4-3q6j-rh82">https://github.com/advisories/GHSA-w3f4-3q6j-rh82</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-5968">https://nvd.nist.gov/vuln/detail/CVE-2018-5968</a><br><a href="https://security.netapp.com/advisory/ntap-20180423-0002/">https://security.netapp.com/advisory/ntap-20180423-0002/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03902en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4114">https://www.debian.org/security/2018/dsa-4114</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12086 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9 | <details><summary>Expand...</summary><a href="http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/">http://russiansecurity.expert/2016/04/20/mysql-connect-file-read/</a><br><a href="http://www.securityfocus.com/bid/109227">http://www.securityfocus.com/bid/109227</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12086">https://access.redhat.com/security/cve/CVE-2019-12086</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2326">https://github.com/FasterXML/jackson-databind/issues/2326</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.9</a><br><a href="https://github.com/advisories/GHSA-5ww9-j83m-q7qx">https://github.com/advisories/GHSA-5ww9-j83m-q7qx</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925a
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-14439 | HIGH | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-14439">https://access.redhat.com/security/cve/CVE-2019-14439</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b">https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2">https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2389">https://github.com/FasterXML/jackson-databind/issues/2389</a><br><a href="https://github.com/advisories/GHSA-gwp4-hfv6-p7hw">https://github.com/advisories/GHSA-gwp4-hfv6-p7hw</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E">https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-10969 | HIGH | 2.8.4 | 2.7.9.7, 2.8.11.6, 2.9.10.4 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-10969">https://access.redhat.com/security/cve/CVE-2020-10969</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2642">https://github.com/FasterXML/jackson-databind/issues/2642</a><br><a href="https://github.com/advisories/GHSA-758m-v56v-grj4">https://github.com/advisories/GHSA-758m-v56v-grj4</a><br><a href="https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html">https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html</a><br><a href="https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-10969">https://nvd.nist.gov/vuln/detail/CVE-2020-10969</a><br><a href="https://security.netapp.com/advisory/ntap-20200403-0002/">https://security.netapp.com/advisory/ntap-20200403-0002/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35490 | HIGH | 2.8.4 | 2.9.10.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-35490">https://access.redhat.com/security/cve/CVE-2020-35490</a><br><a href="https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d">https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2986">https://github.com/FasterXML/jackson-databind/issues/2986</a><br><a href="https://github.com/advisories/GHSA-wh8g-3j2c-rqj5">https://github.com/advisories/GHSA-wh8g-3j2c-rqj5</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-35490">https://nvd.nist.gov/vuln/detail/CVE-2020-35490</a><br><a href="https://security.netapp.com/advisory/ntap-20210122-0005/">https://security.netapp.com/advisory/ntap-20210122-0005/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-35491 | HIGH | 2.8.4 | 2.9.10.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-35491">https://access.redhat.com/security/cve/CVE-2020-35491</a><br><a href="https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062">https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d">https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2986">https://github.com/FasterXML/jackson-databind/issues/2986</a><br><a href="https://github.com/advisories/GHSA-r3gr-cxrf-hg25">https://github.com/advisories/GHSA-r3gr-cxrf-hg25</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html">https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-35491">https://nvd.nist.gov/vuln/detail/CVE-2020-35491</a><br><a href="https://security.netapp.com/advisory/ntap-20210122-0005/">https://security.netapp.com/advisory/ntap-20210122-0005/</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2020-36518 | HIGH | 2.8.4 | 2.12.6.1, 2.13.2.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-36518">https://access.redhat.com/security/cve/CVE-2020-36518</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b">https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2816">https://github.com/FasterXML/jackson-databind/issues/2816</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12</a><br><a href="https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13">https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13</a><br><a href="https://github.com/advisories/GHSA-57j2-w4cx-62h2">https://github.com/advisories/GHSA-57j2-w4cx-62h2</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-36518">https://nvd.nist.gov/vuln/detail/CVE-2020-36518</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2018-1000873 | MEDIUM | 2.8.4 | 2.9.8 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-1000873">https://access.redhat.com/security/cve/CVE-2018-1000873</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1665601">https://bugzilla.redhat.com/show_bug.cgi?id=1665601</a><br><a href="https://github.com/FasterXML/jackson-modules-java8/issues/90">https://github.com/FasterXML/jackson-modules-java8/issues/90</a><br><a href="https://github.com/FasterXML/jackson-modules-java8/pull/87">https://github.com/FasterXML/jackson-modules-java8/pull/87</a><br><a href="https://github.com/advisories/GHSA-h4x4-5qp2-wp46">https://github.com/advisories/GHSA-h4x4-5qp2-wp46</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1000873">https://nvd.nist.gov/vuln/detail/CVE-2018-1000873</a><br><a href="https://security.netapp.com/advisory/ntap-20200904-0004/">https://security.netapp.com/advisory/ntap-20200904-0004/</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12384 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:1820">https://access.redhat.com/errata/RHSA-2019:1820</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2720">https://access.redhat.com/errata/RHSA-2019:2720</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2998">https://access.redhat.com/errata/RHSA-2019:2998</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3901">https://access.redhat.com/errata/RHSA-2019:3901</a><br><a href="https://access.redhat.com/errata/RHSA-2019:4352">https://access.redhat.com/errata/RHSA-2019:4352</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12384">https://access.redhat.com/security/cve/CVE-2019-12384</a><br><a href="https://blog.doyensec.com/2019/07/22/jackson-gadgets.html">https://blog.doyensec.com/2019/07/22/jackson-gadgets.html</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12384</a><br><a href="https://doyensec.com/research.html">https://doyensec.com/research.html</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234">https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234</a><br><a href="https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad">https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2334">https://github.com/FasterXML/jackson-databind/issues/2334</a><br><a href="https://github.com/advisories/GHSA-mph4-vhrx-mv67">https://github.com/advisories/GHSA-mph4-vhrx-mv67</a><br><a href="https://linux.oracle.com/cve/CVE-2019-12384.html">https://linux.oracle.com/cve/CVE-2019-12384.html</a><br><a href="https://linux.oracle.com/errata/ELSA-2019-2720.html">https://linux.oracle.com/errata/ELSA-2019-2720.html</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E">https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@
| com.fasterxml.jackson.core:jackson-databind | CVE-2019-12814 | MEDIUM | 2.8.4 | 2.7.9.6, 2.8.11.4, 2.9.9.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/errata/RHSA-2019:2858">https://access.redhat.com/errata/RHSA-2019:2858</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2935">https://access.redhat.com/errata/RHSA-2019:2935</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2936">https://access.redhat.com/errata/RHSA-2019:2936</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2937">https://access.redhat.com/errata/RHSA-2019:2937</a><br><a href="https://access.redhat.com/errata/RHSA-2019:2938">https://access.redhat.com/errata/RHSA-2019:2938</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3044">https://access.redhat.com/errata/RHSA-2019:3044</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3045">https://access.redhat.com/errata/RHSA-2019:3045</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3046">https://access.redhat.com/errata/RHSA-2019:3046</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3050">https://access.redhat.com/errata/RHSA-2019:3050</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3149">https://access.redhat.com/errata/RHSA-2019:3149</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3200">https://access.redhat.com/errata/RHSA-2019:3200</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3292">https://access.redhat.com/errata/RHSA-2019:3292</a><br><a href="https://access.redhat.com/errata/RHSA-2019:3297">https://access.redhat.com/errata/RHSA-2019:3297</a><br><a href="https://access.redhat.com/security/cve/CVE-2019-12814">https://access.redhat.com/security/cve/CVE-2019-12814</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814</a><br><a href="https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5">https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5</a><br><a href="https://github.com/FasterXML/jackson-databind/issues/2341">https://github.com/FasterXML/jackson-databind/issues/2341</a><br><a href="https://github.com/advisories/GHSA-cmfg-87vq-g5g4">https://github.com/advisories/GHSA-cmfg-87vq-g5g4</a><br><a href="https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E">https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper
| com.github.junrar:junrar | CVE-2022-23596 | HIGH | 3.0.1-Ubooquity | 7.4.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-23596">https://access.redhat.com/security/cve/CVE-2022-23596</a><br><a href="https://github.com/advisories/GHSA-m6cj-93v6-cvr5">https://github.com/advisories/GHSA-m6cj-93v6-cvr5</a><br><a href="https://github.com/junrar/junrar/commit/7b16b3d90b91445fd6af0adfed22c07413d4fab7">https://github.com/junrar/junrar/commit/7b16b3d90b91445fd6af0adfed22c07413d4fab7</a><br><a href="https://github.com/junrar/junrar/issues/73">https://github.com/junrar/junrar/issues/73</a><br><a href="https://github.com/junrar/junrar/security/advisories/GHSA-m6cj-93v6-cvr5">https://github.com/junrar/junrar/security/advisories/GHSA-m6cj-93v6-cvr5</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23596">https://nvd.nist.gov/vuln/detail/CVE-2022-23596</a><br></details> |
| com.h2database:h2 | CVE-2021-23463 | CRITICAL | 1.4.193 | 2.0.202 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-23463">https://access.redhat.com/security/cve/CVE-2021-23463</a><br><a href="https://github.com/advisories/GHSA-7rpj-hg47-cx62">https://github.com/advisories/GHSA-7rpj-hg47-cx62</a><br><a href="https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3">https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3</a><br><a href="https://github.com/h2database/h2database/issues/3195">https://github.com/h2database/h2database/issues/3195</a><br><a href="https://github.com/h2database/h2database/pull/3199">https://github.com/h2database/h2database/pull/3199</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-23463">https://nvd.nist.gov/vuln/detail/CVE-2021-23463</a><br><a href="https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238">https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238</a><br></details> |
| com.h2database:h2 | CVE-2021-42392 | CRITICAL | 1.4.193 | 2.0.206 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-42392">https://access.redhat.com/security/cve/CVE-2021-42392</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392</a><br><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/">https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-42392">https://nvd.nist.gov/vuln/detail/CVE-2021-42392</a><br><a href="https://security.netapp.com/advisory/ntap-20220119-0001/">https://security.netapp.com/advisory/ntap-20220119-0001/</a><br><a href="https://ubuntu.com/security/notices/USN-5365-1">https://ubuntu.com/security/notices/USN-5365-1</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br></details> |
| com.h2database:h2 | CVE-2022-23221 | CRITICAL | 1.4.193 | 2.1.210 | <details><summary>Expand...</summary><a href="http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html">http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html</a><br><a href="http://seclists.org/fulldisclosure/2022/Jan/39">http://seclists.org/fulldisclosure/2022/Jan/39</a><br><a href="https://access.redhat.com/security/cve/CVE-2022-23221">https://access.redhat.com/security/cve/CVE-2022-23221</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221</a><br><a href="https://github.com/advisories/GHSA-45hx-wfhj-473x">https://github.com/advisories/GHSA-45hx-wfhj-473x</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.1.210">https://github.com/h2database/h2database/releases/tag/version-2.1.210</a><br><a href="https://github.com/h2database/h2database/security/advisories">https://github.com/h2database/h2database/security/advisories</a><br><a href="https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html">https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-23221">https://nvd.nist.gov/vuln/detail/CVE-2022-23221</a><br><a href="https://twitter.com/d0nkey_man/status/1483824727936450564">https://twitter.com/d0nkey_man/status/1483824727936450564</a><br><a href="https://ubuntu.com/security/notices/USN-5365-1">https://ubuntu.com/security/notices/USN-5365-1</a><br><a href="https://www.debian.org/security/2022/dsa-5076">https://www.debian.org/security/2022/dsa-5076</a><br></details> |
| com.h2database:h2 | GMS-2022-7 | UNKNOWN | 1.4.193 | 2.0.206 | <details><summary>Expand...</summary><a href="https://github.com/advisories/GHSA-h376-j262-vhq6">https://github.com/advisories/GHSA-h376-j262-vhq6</a><br><a href="https://github.com/h2database/h2database/releases/tag/version-2.0.206">https://github.com/h2database/h2database/releases/tag/version-2.0.206</a><br><a href="https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6">https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6</a><br></details> |
| commons-io:commons-io | CVE-2021-29425 | MEDIUM | 2.5 | 2.7 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-29425">https://access.redhat.com/security/cve/CVE-2021-29425</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425</a><br><a href="https://github.com/advisories/GHSA-gwrp-pvrq-jmwv">https://github.com/advisories/GHSA-gwrp-pvrq-jmwv</a><br><a href="https://issues.apache.org/jira/browse/IO-556">https://issues.apache.org/jira/browse/IO-556</a><br><a href="https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E">https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E">https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E">https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thre
| org.apache.commons:commons-compress | CVE-2021-35515 | HIGH | 1.13 | 1.21 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/07/13/1">http://www.openwall.com/lists/oss-security/2021/07/13/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-35515">https://access.redhat.com/security/cve/CVE-2021-35515</a><br><a href="https://commons.apache.org/proper/commons-compress/security-reports.html">https://commons.apache.org/proper/commons-compress/security-reports.html</a><br><a href="https://github.com/advisories/GHSA-7hfm-57qf-j43q">https://github.com/advisories/GHSA-7hfm-57qf-j43q</a><br><a href="https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/r19ebfd71770ec0617a9ea180e321ef927b3fefb4c81ec5d1902d20ab%40%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E">https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbaea15ddc5a7c0c6b66660f1d6403b28595e2561bb283eade7d7cd69@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/rbaea15ddc5a7c0c6b66660f1d6403b28595e2561bb283eade7d7cd69@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbe91c512c5385181149ab087b6c909825d34299f5c491c6482a2ed57@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/rbe91c512c5385181149ab087b6c909825d34299f5c491c6482a2ed57@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf2f4d7940371a7c7c5b679f50e28fc7fcc82cd00
| org.apache.commons:commons-compress | CVE-2021-35516 | HIGH | 1.13 | 1.21 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/07/13/2">http://www.openwall.com/lists/oss-security/2021/07/13/2</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-35516">https://access.redhat.com/security/cve/CVE-2021-35516</a><br><a href="https://commons.apache.org/proper/commons-compress/security-reports.html">https://commons.apache.org/proper/commons-compress/security-reports.html</a><br><a href="https://github.com/advisories/GHSA-crv7-7245-f45f">https://github.com/advisories/GHSA-crv7-7245-f45f</a><br><a href="https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E">https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rd4332baaf6debd03d60deb7ec93bee49e5fdbe958cb6800dff7fb00e@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf5b1016fb15b7118b9a5e16bb0b78cb4f1dfcf7821eb137ab5757c91@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/rf5b1016fb15b7118b9a5e16bb0b78cb4f1dfcf7821eb137ab5757c91@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/rf68442d67eb166f4b6cf0bbbe6c7f99098c12954f37332073c9822ca%40%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfba19167efc785ad3561e7ef29f340d65ac8f0d897aed00e0731e742@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rfba19167efc785ad3561e7ef29f340d65ac8f0d897aed00e0731e742@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-35516">https://nvd.nist.gov/vuln/detail/CVE-2021-35516</a><br><a href="https://security.netapp.com/advisory/ntap-20211022-0001/">https://security.netapp.com/advisory/ntap-20211022-0001/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/se
| org.apache.commons:commons-compress | CVE-2021-35517 | HIGH | 1.13 | 1.21 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/07/13/3">http://www.openwall.com/lists/oss-security/2021/07/13/3</a><br><a href="http://www.openwall.com/lists/oss-security/2021/07/13/5">http://www.openwall.com/lists/oss-security/2021/07/13/5</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-35517">https://access.redhat.com/security/cve/CVE-2021-35517</a><br><a href="https://commons.apache.org/proper/commons-compress/security-reports.html">https://commons.apache.org/proper/commons-compress/security-reports.html</a><br><a href="https://github.com/advisories/GHSA-xqfj-vm6h-2x34">https://github.com/advisories/GHSA-xqfj-vm6h-2x34</a><br><a href="https://lists.apache.org/thread.html/r31f75743ac173b0a606f8ea6ea53f351f386c44e7bcf78ae04007c29@%3Cissues.flink.apache.org%3E">https://lists.apache.org/thread.html/r31f75743ac173b0a606f8ea6ea53f351f386c44e7bcf78ae04007c29@%3Cissues.flink.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r457b2ed564860996b20d938566fe8bd4bfb7c37be8e205448ccb5975@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r457b2ed564860996b20d938566fe8bd4bfb7c37be8e205448ccb5975@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54afdab05e01de970649c2d91a993f68a6b00cd73e6e34e16c832d46@%3Cuser.ant.apache.org%3E">https://lists.apache.org/thread.html/r54afdab05e01de970649c2d91a993f68a6b00cd73e6e34e16c832d46@%3Cuser.ant.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E">https://lists.apache.org/thread.html/r605d906b710b95f1bbe0036a53ac6968f667f2c249b6fbabada9a940%40%3Cuser.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E">https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra393ffdc7c90a4a37ea023946f390285693795013a642d80fba20203@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/ra393ffdc7c90a4a37ea023946f390285693795013a642d80fba20203@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rb7adf3e55359819e77230b4586521e5c6874ce5ed93384bdc14d6aee@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/rba65ed5ddb0586f5b12598f55ec7db3633e7b7fede60466367fbf86a@%3Cnotifications.skywalking.apache.org%3E</a><br><a
| org.apache.commons:commons-compress | CVE-2021-36090 | HIGH | 1.13 | 1.21 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/07/13/4">http://www.openwall.com/lists/oss-security/2021/07/13/4</a><br><a href="http://www.openwall.com/lists/oss-security/2021/07/13/6">http://www.openwall.com/lists/oss-security/2021/07/13/6</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-36090">https://access.redhat.com/security/cve/CVE-2021-36090</a><br><a href="https://commons.apache.org/proper/commons-compress/security-reports.html">https://commons.apache.org/proper/commons-compress/security-reports.html</a><br><a href="https://github.com/advisories/GHSA-mc84-pj99-q6hh">https://github.com/advisories/GHSA-mc84-pj99-q6hh</a><br><a href="https://lists.apache.org/thread.html/r0e87177f8e78b4ee453cd4d3d8f4ddec6f10d2c27707dd71e12cafc9@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r0e87177f8e78b4ee453cd4d3d8f4ddec6f10d2c27707dd71e12cafc9@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r25f4c44616045085bc3cf901bb7e68e445eee53d1966fc08998fc456@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r25f4c44616045085bc3cf901bb7e68e445eee53d1966fc08998fc456@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3227b1287e5bd8db6523b862c22676b046ad8f4fc96433225f46a2bd@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/r3227b1287e5bd8db6523b862c22676b046ad8f4fc96433225f46a2bd@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4f03c5de923e3f2a8c316248681258125140514ef3307bfe1538e1ab@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/r4f03c5de923e3f2a8c316248681258125140514ef3307bfe1538e1ab@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54049b66afbca766b6763c7531e9fe7a20293a112bcb65462a134949@%3Ccommits.drill.apache.org%3E">https://lists.apache.org/thread.html/r54049b66afbca766b6763c7531e9fe7a20293a112bcb65462a134949@%3Ccommits.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E">https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r75ffc7a461e7e7ae77690fa75bd47bb71365c732e0fbcc44da4f8ff5@%3Cdev.tomcat.apache.org%3E">https://lists.apache.org/thread.html/r75ffc7a461e7e7ae77690fa75bd47bb71365c732e0fbcc44da4f8ff5@%3Cdev.tomcat.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9a23d4dbf4e34d498664080bff59f2893b855eb16dae33e4aa92fa53@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r9a23d4dbf4e34d498664080bff59f2893b855eb16dae33e4aa92fa53@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/r9f54c0caa462267e0cc68b49f141e91432b36b23348d18c65bd0d040@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/rab292091eadd1ecc63c516e9541a7f241091cf2e652b8185a6059945@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E">https://lists.apache.org/thread.html/racd0c0381c8404f298b226cd9db2eaae965b14c9c568224aa3f437ae@%3Cnotifications.skywalking.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/rb064d705fdfa44b5dae4c366b369ef6597951083196321773b983e71@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rb5fa2ee61828fa2e42361b58468717e8490
| org.apache.commons:commons-compress | CVE-2018-11771 | MEDIUM | 1.13 | 1.18 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2018/08/16/2">http://www.openwall.com/lists/oss-security/2018/08/16/2</a><br><a href="http://www.securityfocus.com/bid/105139">http://www.securityfocus.com/bid/105139</a><br><a href="http://www.securitytracker.com/id/1041503">http://www.securitytracker.com/id/1041503</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-11771">https://access.redhat.com/security/cve/CVE-2018-11771</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11771">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11771</a><br><a href="https://github.com/advisories/GHSA-hrmr-f5m6-m9pq">https://github.com/advisories/GHSA-hrmr-f5m6-m9pq</a><br><a href="https://lists.apache.org/thread.html/0adb631517766e793e18a59723e2df08ced41eb9a57478f14781c9f7@%3Cdev.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/0adb631517766e793e18a59723e2df08ced41eb9a57478f14781c9f7@%3Cdev.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/3565494c263dfeb4dcb2a71cb24d09a1ca285cd6ac74edc025a3af8a@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/3565494c263dfeb4dcb2a71cb24d09a1ca285cd6ac74edc025a3af8a@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/35f60d6d0407c13c39411038ba1aca71d92595ed7041beff4d07f2ee@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/35f60d6d0407c13c39411038ba1aca71d92595ed7041beff4d07f2ee@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/6c79965066c30d4e330e04d911d3761db41b82c89ae38d9a6b37a6f1@%3Cdev.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/6c79965066c30d4e330e04d911d3761db41b82c89ae38d9a6b37a6f1@%3Cdev.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/714c6ac1b1b50f8557e7342903ef45f1538a7bc60a0b47d6e48c273d@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/714c6ac1b1b50f8557e7342903ef45f1538a7bc60a0b47d6e48c273d@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b8da751fc0ca949534cdf2744111da6bb0349d2798fac94b0a50f330@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/b8da751fc0ca949534cdf2744111da6bb0349d2798fac94b0a50f330@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b907e70bc422905d7962fd18f863f746bf7b4e7ed9da25c148580c61@%3Cnotifications.commons.apache.org%3E">https://lists.apache.org/thread.html/b907e70bc422905d7962fd18f863f746bf7b4e7ed9da25c148580c61@%3Cnotifications.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/c7954dc1e8fafd7ca1449f078953b419ebf8936e087f235f3bd024be@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/c7954dc1e8fafd7ca1449f078953b419ebf8936e087f235f3bd024be@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/e3eae9e6fc021c4c22dda59a335d21c12eecab480b48115a2f098ef6@%3Ccommits.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/e3eae9e6fc021c4c22dda59a335d21c12eecab480b48115a2f098ef6@%3Ccommits.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/eeecc1669242b28a3777ae13c68b376b0148d589d3d8170340d61120@%3Cdev.tinkerpop.apache.org%3E">https://lists.apache.org/thread.html/eeecc1669242b28a3777ae13c68b376b0148d589d3d8170340d61120@%3Cdev.tinkerpop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f28052d04cb8dbaae39bfd3dc8438e58c2a8be306a3f381f4728d7c1@%3Ccommits.commons.apache.org%3E">https://lists.apache.org/thread.html/f28052d04cb8dbaae39bfd3dc8438e58c2a8be306a3f381f4728d7c1@%3Ccommits.commons.apache.org%3E</a><br><
| org.apache.commons:commons-compress | CVE-2018-1324 | MEDIUM | 1.13 | 1.16 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/103490">http://www.securityfocus.com/bid/103490</a><br><a href="http://www.securitytracker.com/id/1040549">http://www.securitytracker.com/id/1040549</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-1324">https://access.redhat.com/security/cve/CVE-2018-1324</a><br><a href="https://commons.apache.org/proper/commons-compress/security-reports.html">https://commons.apache.org/proper/commons-compress/security-reports.html</a><br><a href="https://github.com/advisories/GHSA-h436-432x-8fvx">https://github.com/advisories/GHSA-h436-432x-8fvx</a><br><a href="https://lists.apache.org/thread.html/1c7b6df6d1c5c8583518a0afa017782924918e4d6acfaf23ed5b2089@%3Cdev.commons.apache.org%3E">https://lists.apache.org/thread.html/1c7b6df6d1c5c8583518a0afa017782924918e4d6acfaf23ed5b2089@%3Cdev.commons.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/b8ef29df0f1d55aa741170748352ae8e425c7b1d286b2f257711a2dd@%3Cdev.creadur.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5532dc8d5456b5151e8c286801e2e5769f5c04118b29c3b5d13ea387@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r5532dc8d5456b5151e8c286801e2e5769f5c04118b29c3b5d13ea387@%3Cissues.beam.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1324">https://nvd.nist.gov/vuln/detail/CVE-2018-1324</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |
| org.apache.pdfbox:pdfbox | CVE-2018-11797 | MEDIUM | 2.0.6 | 1.8.16, 2.0.12 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-11797">https://access.redhat.com/security/cve/CVE-2018-11797</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11797">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11797</a><br><a href="https://github.com/advisories/GHSA-gx96-vgf7-hwfg">https://github.com/advisories/GHSA-gx96-vgf7-hwfg</a><br><a href="https://lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/a9760973a873522f4d4c0a99916ceb74f361d91006b663a0a418d34a@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/a9760973a873522f4d4c0a99916ceb74f361d91006b663a0a418d34a@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2018/10/msg00008.html">https://lists.debian.org/debian-lts-announce/2018/10/msg00008.html</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-11797">https://nvd.nist.gov/vuln/detail/CVE-2018-11797</a><br><a href="https://www.openwall.com/lists/oss-security/2018/10/05/4">https://www.openwall.com/lists/oss-security/2018/10/05/4</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
| org.apache.pdfbox:pdfbox | CVE-2018-8036 | MEDIUM | 2.0.6 | 1.8.15, 2.0.11 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2018/06/29/1">http://www.openwall.com/lists/oss-security/2018/06/29/1</a><br><a href="http://www.openwall.com/lists/oss-security/2018/06/29/2">http://www.openwall.com/lists/oss-security/2018/06/29/2</a><br><a href="https://access.redhat.com/errata/RHSA-2018:2669">https://access.redhat.com/errata/RHSA-2018:2669</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-8036">https://access.redhat.com/security/cve/CVE-2018-8036</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8036">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8036</a><br><a href="https://lists.apache.org/thread.html/9f62f742fd4fcd81654a9533b8a71349b064250840592bcd502dcfb6@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/9f62f742fd4fcd81654a9533b8a71349b064250840592bcd502dcfb6@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E">https://lists.apache.org/thread.html/r43491b25b2e5c368c34b106a82eff910a5cea3e90de82ad75cc16540@%3Cdev.syncope.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-8036">https://nvd.nist.gov/vuln/detail/CVE-2018-8036</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br></details> |
| org.apache.pdfbox:pdfbox | CVE-2021-27807 | MEDIUM | 2.0.6 | 2.0.23 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/03/19/9">http://www.openwall.com/lists/oss-security/2021/03/19/9</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-27807">https://access.redhat.com/security/cve/CVE-2021-27807</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27807">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27807</a><br><a href="https://github.com/advisories/GHSA-2h3j-m7gr-25xj">https://github.com/advisories/GHSA-2h3j-m7gr-25xj</a><br><a href="https://github.com/apache/pdfbox/commit/5c5a837140fbb4ef78bb5ef9f29ad537c872c83e">https://github.com/apache/pdfbox/commit/5c5a837140fbb4ef78bb5ef9f29ad537c872c83e</a><br><a href="https://issues.apache.org/jira/browse/PDFBOX-4892">https://issues.apache.org/jira/browse/PDFBOX-4892</a><br><a href="https://lists.apache.org/thread.html/r043edc5dcf9199f7f882ed7906b41cb816753766e88b8792dbf319a9@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/r043edc5dcf9199f7f882ed7906b41cb816753766e88b8792dbf319a9@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1218e60c32829f76943ecaca79237120c2ec1ab266459d711a578b50@%3Cdev.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r1218e60c32829f76943ecaca79237120c2ec1ab266459d711a578b50@%3Cdev.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1d268642f8b52456ee8f876b888b8ed7a9e9568c7770789f3ded7f9e@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r1d268642f8b52456ee8f876b888b8ed7a9e9568c7770789f3ded7f9e@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4717f902f8bc36d47b3fa978552a25e4ed3ddc2fffb52b94fbc4ab36@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r4717f902f8bc36d47b3fa978552a25e4ed3ddc2fffb52b94fbc4ab36@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c8e2125d18af184c80f7a986fbe47eaf0d30457cd450133adc235ac@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r5c8e2125d18af184c80f7a986fbe47eaf0d30457cd450133adc235ac@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6e067a6d83ccb6892d0ff867bd216704f21fb0b6a854dea34be04f12@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r6e067a6d83ccb6892d0ff867bd216704f21fb0b6a854dea34be04f12@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7ee634c21816c69ce829d0c41f35afa2a53a99bdd3c7cce8644fdc0e@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r7ee634c21816c69ce829d0c41f35afa2a53a99bdd3c7cce8644fdc0e@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r818058ff1e4b9f6bef4e5a2e74faff38cb3d3885c1e2db398bc55cfb%40%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r818058ff1e4b9f6bef4e5a2e74faff38cb3d3885c1e2db398bc55cfb%40%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r818058ff1e4b9f6bef4e5a2e74faff38cb3d3885c1e2db398bc55cfb@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r818058ff1e4b9f6bef4e5a2e74faff38cb3d3885c1e2db398bc55cfb@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9ffe179385637b0b5cbdabd0246118005b4b8232909d2d14cd68ccd3@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r9ffe179385637b0b
| org.apache.pdfbox:pdfbox | CVE-2021-27906 | MEDIUM | 2.0.6 | 2.0.23 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/03/19/10">http://www.openwall.com/lists/oss-security/2021/03/19/10</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-27906">https://access.redhat.com/security/cve/CVE-2021-27906</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27906">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27906</a><br><a href="https://github.com/advisories/GHSA-6vqp-h455-42mr">https://github.com/advisories/GHSA-6vqp-h455-42mr</a><br><a href="https://github.com/apache/pdfbox/commit/8c47be1011c11dc47300faecffd8ab32fba3646f">https://github.com/apache/pdfbox/commit/8c47be1011c11dc47300faecffd8ab32fba3646f</a><br><a href="https://issues.apache.org/jira/browse/PDFBOX-5112">https://issues.apache.org/jira/browse/PDFBOX-5112</a><br><a href="https://lists.apache.org/thread.html/r1218e60c32829f76943ecaca79237120c2ec1ab266459d711a578b50@%3Cdev.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r1218e60c32829f76943ecaca79237120c2ec1ab266459d711a578b50@%3Cdev.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1d268642f8b52456ee8f876b888b8ed7a9e9568c7770789f3ded7f9e@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r1d268642f8b52456ee8f876b888b8ed7a9e9568c7770789f3ded7f9e@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r5c8e2125d18af184c80f7a986fbe47eaf0d30457cd450133adc235ac@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r5c8e2125d18af184c80f7a986fbe47eaf0d30457cd450133adc235ac@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r64982b768c8a2220b07aaf813bd099a9863de0d13eb212fd4efe208f@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/r64982b768c8a2220b07aaf813bd099a9863de0d13eb212fd4efe208f@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r6e067a6d83ccb6892d0ff867bd216704f21fb0b6a854dea34be04f12@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r6e067a6d83ccb6892d0ff867bd216704f21fb0b6a854dea34be04f12@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r7ee634c21816c69ce829d0c41f35afa2a53a99bdd3c7cce8644fdc0e@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r7ee634c21816c69ce829d0c41f35afa2a53a99bdd3c7cce8644fdc0e@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9ffe179385637b0b5cbdabd0246118005b4b8232909d2d14cd68ccd3@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r9ffe179385637b0b5cbdabd0246118005b4b8232909d2d14cd68ccd3@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/raa35746227f3f8d50fff1db9899524423a718f6f35cd39bd4769fa6c@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/raa35746227f3f8d50fff1db9899524423a718f6f35cd39bd4769fa6c@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc69140d894c6a9c67a8097a25656cce59b46a5620c354ceba10543c3@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/rc69140d894c6a9c67a8097a25656cce59b46a5620c354ceba10543c3@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rdf78aef4793362e778e21e34328b0456e302bde4b7e74f229df0ee04@%3Cannounce.apache.org%3E">https://lists.apache.or
| org.apache.pdfbox:pdfbox | CVE-2021-31811 | MEDIUM | 2.0.6 | 2.0.24 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/06/12/2">http://www.openwall.com/lists/oss-security/2021/06/12/2</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-31811">https://access.redhat.com/security/cve/CVE-2021-31811</a><br><a href="https://github.com/advisories/GHSA-fg3j-q579-v8x4">https://github.com/advisories/GHSA-fg3j-q579-v8x4</a><br><a href="https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e%40%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e%40%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf937c2236e6c79cdb99f76a70690dd345e53dbe0707cb506a202e43e@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/rf937c2236e6c79cdb99f76a70690dd345e53dbe0707cb506a202e43e@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HHWJRFXZ3PTKLJCOM7WJEYZFKFWMNSV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HHWJRFXZ3PTKLJCOM7WJEYZFKFWMNSV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDJKJQOMVFDFIDS27OQJXNOYHV2O273D/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDJKJQOMVFDFIDS27OQJXNOYHV2O273D/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-31811">https://nvd.nist.gov/vuln/detail/CVE-2021-31811</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.o
| org.apache.pdfbox:pdfbox | CVE-2021-31812 | MEDIUM | 2.0.6 | 2.0.24 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/06/12/1">http://www.openwall.com/lists/oss-security/2021/06/12/1</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-31812">https://access.redhat.com/security/cve/CVE-2021-31812</a><br><a href="https://github.com/advisories/GHSA-7grw-6pjh-jpc9">https://github.com/advisories/GHSA-7grw-6pjh-jpc9</a><br><a href="https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e%40%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e%40%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e@%3Cusers.pdfbox.apache.org%3E">https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e@%3Cusers.pdfbox.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf251f6c358087107f8c23473468b279d59d50a75db6b4768165c78d3@%3Cannounce.apache.org%3E">https://lists.apache.org/thread.html/rf251f6c358087107f8c23473468b279d59d50a75db6b4768165c78d3@%3Cannounce.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E">https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HHWJRFXZ3PTKLJCOM7WJEYZFKFWMNSV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7HHWJRFXZ3PTKLJCOM7WJEYZFKFWMNSV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDJKJQOMVFDFIDS27OQJXNOYHV2O273D/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDJKJQOMVFDFIDS27OQJXNOYHV2O273D/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-31812">https://nvd.nist.gov/vuln/detail/CVE-2021-31812</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.ora
| org.bouncycastle:bcprov-jdk15on | CVE-2020-15522 | MEDIUM | 1.53 | 1.66 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-15522">https://access.redhat.com/security/cve/CVE-2020-15522</a><br><a href="https://github.com/advisories/GHSA-6xx3-rg99-gc3p">https://github.com/advisories/GHSA-6xx3-rg99-gc3p</a><br><a href="https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522">https://github.com/bcgit/bc-csharp/wiki/CVE-2020-15522</a><br><a href="https://github.com/bcgit/bc-java/wiki/CVE-2020-15522">https://github.com/bcgit/bc-java/wiki/CVE-2020-15522</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-15522">https://nvd.nist.gov/vuln/detail/CVE-2020-15522</a><br><a href="https://security.netapp.com/advisory/ntap-20210622-0007/">https://security.netapp.com/advisory/ntap-20210622-0007/</a><br><a href="https://www.bouncycastle.org/releasenotes.html">https://www.bouncycastle.org/releasenotes.html</a><br></details> |
| org.eclipse.jetty:jetty-http | CVE-2020-27216 | HIGH | 9.4.0.v20161208 | 9.3.29.v20201019, 9.4.32.v20200930, 11.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-27216">https://access.redhat.com/security/cve/CVE-2020-27216</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921">https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921</a><br><a href="https://cwe.mitre.org/data/definitions/378.html">https://cwe.mitre.org/data/definitions/378.html</a><br><a href="https://cwe.mitre.org/data/definitions/379.html">https://cwe.mitre.org/data/definitions/379.html</a><br><a href="https://github.com/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/issues/5451">https://github.com/eclipse/jetty.project/issues/5451</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053</a><br><a href="https://github.com/github/codeql/pull/4473">https://github.com/github/codeql/pull/4473</a><br><a href="https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E">https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E</a><br><a href=
| org.eclipse.jetty:jetty-http | CVE-2021-28165 | HIGH | 9.4.0.v20161208 | 9.4.39.v20210325, 10.0.2, 11.0.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/04/20/3">http://www.openwall.com/lists/oss-security/2021/04/20/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-28165">https://access.redhat.com/security/cve/CVE-2021-28165</a><br><a href="https://github.com/advisories/GHSA-26vr-8j45-3r4w">https://github.com/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w">https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E">https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287@%3Cissues.zookeeper.apache.org%3E">https://li
| org.eclipse.jetty:jetty-http | CVE-2019-10241 | MEDIUM | 9.4.0.v20161208 | 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-10241">https://access.redhat.com/security/cve/CVE-2019-10241</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121">https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241</a><br><a href="https://github.com/advisories/GHSA-7vx9-xjhr-rw6h">https://github.com/advisories/GHSA-7vx9-xjhr-rw6h</a><br><a href="https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E">https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E">https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10241">https://nvd.nist.gov/vuln/detail/CVE-2019-10241</a><br><a href="https://security.netapp.com/advisory/ntap-20190509-0003/">https://security.netapp.com/advisory/ntap-20190509-0003/</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-http | CVE-2019-10247 | MEDIUM | 9.4.0.v20161208 | 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-10247">https://access.redhat.com/security/cve/CVE-2019-10247</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577">https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247</a><br><a href="https://github.com/advisories/GHSA-xc67-hjx6-cgg6">https://github.com/advisories/GHSA-xc67-hjx6-cgg6</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10247">https://nvd.nist.gov/vuln/detail/CVE-2019-10247</a><br><a href="https://security.netapp.com/advisory/ntap-20190509-0003/">https://security.netapp.com/advisory/ntap-20190509-0003/</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-io | CVE-2021-28165 | HIGH | 9.4.0.v20161208 | 9.4.39.v20210325, 10.0.2, 11.0.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/04/20/3">http://www.openwall.com/lists/oss-security/2021/04/20/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-28165">https://access.redhat.com/security/cve/CVE-2021-28165</a><br><a href="https://github.com/advisories/GHSA-26vr-8j45-3r4w">https://github.com/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w">https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E">https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287@%3Cissues.zookeeper.apache.org%3E">https://list
| org.eclipse.jetty:jetty-server | CVE-2017-7658 | CRITICAL | 9.4.0.v20161208 | 9.2.26.v20180806, 9.3.24.v20180605, 9.4.11.v20180605 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/106566">http://www.securityfocus.com/bid/106566</a><br><a href="http://www.securitytracker.com/id/1041194">http://www.securitytracker.com/id/1041194</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7658">https://access.redhat.com/security/cve/CVE-2017-7658</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669">https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658</a><br><a href="https://github.com/advisories/GHSA-6x9x-8qw9-9pp6">https://github.com/advisories/GHSA-6x9x-8qw9-9pp6</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E">https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7658">https://nvd.nist.gov/vuln/detail/CVE-2017-7658</a><br><a href="https://security.netapp.com/advisory/ntap-20181014-0001/">https://security.netapp.com/advisory/ntap-20181014-0001/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4278">https://www.debian.org/security/2018/dsa-4278</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2017-7656 | HIGH | 9.4.0.v20161208 | 9.2.26.v20180806, 9.3.24.v20180605, 9.4.11.v20180605 | <details><summary>Expand...</summary><a href="http://www.securitytracker.com/id/1041194">http://www.securitytracker.com/id/1041194</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-7656">https://access.redhat.com/security/cve/CVE-2017-7656</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667">https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7656</a><br><a href="https://github.com/advisories/GHSA-84q7-p226-4x5w">https://github.com/advisories/GHSA-84q7-p226-4x5w</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E">https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/rbf4565a0b63f9c8b07fab29352a97bbffe76ecafed8b8555c15b83c6@%3Cissues.maven.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-7656">https://nvd.nist.gov/vuln/detail/CVE-2017-7656</a><br><a href="https://security.netapp.com/advisory/ntap-20181014-0001/">https://security.netapp.com/advisory/ntap-20181014-0001/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us</a><br><a href="https://www.debian.org/security/2018/dsa-4278">https://www.debian.org/security/2018/dsa-4278</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2017-9735 | HIGH | 9.4.0.v20161208 | 9.4.6.v20170531, 9.4.6.v20170531, 9.4.6.v20170531, 9.2.22.v20170606 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/99104">http://www.securityfocus.com/bid/99104</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-9735">https://access.redhat.com/security/cve/CVE-2017-9735</a><br><a href="https://bugs.debian.org/864631">https://bugs.debian.org/864631</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735</a><br><a href="https://github.com/advisories/GHSA-wfcc-pff6-rgc5">https://github.com/advisories/GHSA-wfcc-pff6-rgc5</a><br><a href="https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02">https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02</a><br><a href="https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea">https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea</a><br><a href="https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58">https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58</a><br><a href="https://github.com/eclipse/jetty.project/issues/1556">https://github.com/eclipse/jetty.project/issues/1556</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-9735">https://nvd.nist.gov/vuln/detail/CVE-2017-9735</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2018-12538 | HIGH | 9.4.0.v20161208 | 9.4.8.v20180619 | <details><summary>Expand...</summary><a href="http://www.securitytracker.com/id/1041194">http://www.securitytracker.com/id/1041194</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12538">https://access.redhat.com/security/cve/CVE-2018-12538</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=536018">https://bugs.eclipse.org/bugs/show_bug.cgi?id=536018</a><br><a href="https://github.com/advisories/GHSA-mwcx-532g-8pq3">https://github.com/advisories/GHSA-mwcx-532g-8pq3</a><br><a href="https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E">https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-12538">https://nvd.nist.gov/vuln/detail/CVE-2018-12538</a><br><a href="https://security.netapp.com/advisory/ntap-20181014-0001/">https://security.netapp.com/advisory/ntap-20181014-0001/</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2018-12545 | HIGH | 9.4.0.v20161208 | 9.4.13.v20181111 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2018-12545">https://access.redhat.com/security/cve/CVE-2018-12545</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096">https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096</a><br><a href="https://github.com/advisories/GHSA-h2f4-v4c4-6wx4">https://github.com/advisories/GHSA-h2f4-v4c4-6wx4</a><br><a href="https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E">https://lists.apache.org/thread.html/13f5241048ec0bf966a6ddd306feaf40de5b20e1f09096b9cddeddf2@%3Ccommits.accumulo.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E">https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E">https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E">https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CIS4LALKZNLF5X5IGNGRSKERG7FY4QG6/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-12545">https://nvd.nist.gov/vuln/detail/CVE-2018-12545</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2020-27216 | HIGH | 9.4.0.v20161208 | 9.3.29.v20201019, 9.4.32.v20200930, 11.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-27216">https://access.redhat.com/security/cve/CVE-2020-27216</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921">https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921</a><br><a href="https://cwe.mitre.org/data/definitions/378.html">https://cwe.mitre.org/data/definitions/378.html</a><br><a href="https://cwe.mitre.org/data/definitions/379.html">https://cwe.mitre.org/data/definitions/379.html</a><br><a href="https://github.com/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/issues/5451">https://github.com/eclipse/jetty.project/issues/5451</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053</a><br><a href="https://github.com/github/codeql/pull/4473">https://github.com/github/codeql/pull/4473</a><br><a href="https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E">https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E</a><br><a hre
| org.eclipse.jetty:jetty-server | CVE-2021-28165 | HIGH | 9.4.0.v20161208 | 9.4.39.v20210325, 10.0.2, 11.0.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/04/20/3">http://www.openwall.com/lists/oss-security/2021/04/20/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-28165">https://access.redhat.com/security/cve/CVE-2021-28165</a><br><a href="https://github.com/advisories/GHSA-26vr-8j45-3r4w">https://github.com/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w">https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E">https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287@%3Cissues.zookeeper.apache.org%3E">https://
| org.eclipse.jetty:jetty-server | CVE-2018-12536 | MEDIUM | 9.4.0.v20161208 | 9.2.27.v20190403, 9.3.24.v20180605, 9.4.11.v20180605 | <details><summary>Expand...</summary><a href="http://www.securitytracker.com/id/1041194">http://www.securitytracker.com/id/1041194</a><br><a href="https://access.redhat.com/security/cve/CVE-2018-12536">https://access.redhat.com/security/cve/CVE-2018-12536</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670">https://bugs.eclipse.org/bugs/show_bug.cgi?id=535670</a><br><a href="https://github.com/advisories/GHSA-9rgv-h7x4-qw8g">https://github.com/advisories/GHSA-9rgv-h7x4-qw8g</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2018-12536">https://nvd.nist.gov/vuln/detail/CVE-2018-12536</a><br><a href="https://security.netapp.com/advisory/ntap-20181014-0001/">https://security.netapp.com/advisory/ntap-20181014-0001/</a><br><a href="https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us">https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbst03953en_us</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2019-10241 | MEDIUM | 9.4.0.v20161208 | 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-10241">https://access.redhat.com/security/cve/CVE-2019-10241</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121">https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241</a><br><a href="https://github.com/advisories/GHSA-7vx9-xjhr-rw6h">https://github.com/advisories/GHSA-7vx9-xjhr-rw6h</a><br><a href="https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/01e004c3f7c7365863a27e7038b7f32dae56ccf3a496b277c9b7f7b6@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/464892b514c029dfc0c8656a93e1c0de983c473df70fdadbd224e09f@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E">https://lists.apache.org/thread.html/8bff534863c7aaf09bb17c3d0532777258dd3a5c7ddda34198cc2742@%3Cdev.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/bcfb37bfba7b3d7e9c7808b5e5a38a98d6bb714d52cf5162bdd48e32@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E">https://lists.apache.org/thread.html/d7c4a664a34853f57c2163ab562f39802df5cf809523ea40c97289c1@%3Cdev.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10241">https://nvd.nist.gov/vuln/detail/CVE-2019-10241</a><br><a href="https://security.netapp.com/advisory/ntap-20190509-0003/">https://security.netapp.com/advisory/ntap-20190509-0003/</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2019-10247 | MEDIUM | 9.4.0.v20161208 | 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2019-10247">https://access.redhat.com/security/cve/CVE-2019-10247</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577">https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10247</a><br><a href="https://github.com/advisories/GHSA-xc67-hjx6-cgg6">https://github.com/advisories/GHSA-xc67-hjx6-cgg6</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2019-10247">https://nvd.nist.gov/vuln/detail/CVE-2019-10247</a><br><a href="https://security.netapp.com/advisory/ntap-20190509-0003/">https://security.netapp.com/advisory/ntap-20190509-0003/</a><br><a href="https://www.oracle.com/security-alerts/cpuApr2021.html">https://www.oracle.com/security-alerts/cpuApr2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuapr2020.html">https://www.oracle.com/security-alerts/cpuapr2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpujan2021.html">https://www.oracle.com/security-alerts/cpujan2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpujul2020.html">https://www.oracle.com/security-alerts/cpujul2020.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-server | CVE-2020-27218 | MEDIUM | 9.4.0.v20161208 | 9.4.35.v20201120, 11.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-27218">https://access.redhat.com/security/cve/CVE-2020-27218</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892">https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892</a><br><a href="https://github.com/advisories/GHSA-86wm-rrjm-8wh8">https://github.com/advisories/GHSA-86wm-rrjm-8wh8</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8">https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8</a><br><a href="https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab@%3Cissues.spark.apache.org%3E">https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab@%3Cissues.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r2a541f08bf5f847394297c13a5305c2f76c11e46504ce2a49653890a@%3Creviews.spark.apache.org%3E"
| org.eclipse.jetty:jetty-server | CVE-2021-34428 | LOW | 9.4.0.v20161208 | 9.4.40.v20210413, 10.0.3, 11.0.3 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-34428">https://access.redhat.com/security/cve/CVE-2021-34428</a><br><a href="https://github.com/advisories/GHSA-m6cp-vxjx-65j6">https://github.com/advisories/GHSA-m6cp-vxjx-65j6</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6">https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6</a><br><a href="https://lists.apache.org/thread.html/r67c4f90658fde875521c949448c54c98517beecdc7f618f902c620ec@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r67c4f90658fde875521c949448c54c98517beecdc7f618f902c620ec@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r8a1a332899a1f92c8118b0895b144b27a78e3f25b9d58a34dd5eb084@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r8a1a332899a1f92c8118b0895b144b27a78e3f25b9d58a34dd5eb084@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rbefa055282d52d6b58d29a79fbb0be65ab0a38d25f00bd29eaf5e6fd@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rbefa055282d52d6b58d29a79fbb0be65ab0a38d25f00bd29eaf5e6fd@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rddbb4f8d5db23265bb63d14ef4b3723b438abc1589f877db11d35450@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rddbb4f8d5db23265bb63d14ef4b3723b438abc1589f877db11d35450@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ref1c161a1621504e673f9197b49e6efe5a33ce3f0e6d8f1f804fc695@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/ref1c161a1621504e673f9197b49e6efe5a33ce3f0e6d8f1f804fc695@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rf36f1114e84a3379b20587063686148e2d5a39abc0b8a66ff2a9087a@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/rf36f1114e84a3379b20587063686148e2d5a39abc0b8a66ff2a9087a@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-34428">https://nvd.nist.gov/vuln/detail/CVE-2021-34428</a><br><a href="https://security.netapp.com/advisory/ntap-20210813-0003/">https://security.netapp.com/advisory/ntap-20210813-0003/</a><br><a href="https://www.debian.org/security/2021/dsa-4949">https://www.debian.org/security/2021/dsa-4949</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2021.html">https://www.oracle.com/security-alerts/cpuoct2021.html</a><br></details> |
| org.eclipse.jetty:jetty-util | CVE-2017-9735 | HIGH | 9.4.0.v20161208 | 9.4.6.v20170531 | <details><summary>Expand...</summary><a href="http://www.securityfocus.com/bid/99104">http://www.securityfocus.com/bid/99104</a><br><a href="https://access.redhat.com/security/cve/CVE-2017-9735">https://access.redhat.com/security/cve/CVE-2017-9735</a><br><a href="https://bugs.debian.org/864631">https://bugs.debian.org/864631</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9735</a><br><a href="https://github.com/advisories/GHSA-wfcc-pff6-rgc5">https://github.com/advisories/GHSA-wfcc-pff6-rgc5</a><br><a href="https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02">https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02</a><br><a href="https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea">https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea</a><br><a href="https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58">https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58</a><br><a href="https://github.com/eclipse/jetty.project/issues/1556">https://github.com/eclipse/jetty.project/issues/1556</a><br><a href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E">https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E">https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E</a><br><a href="https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html">https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2017-9735">https://nvd.nist.gov/vuln/detail/CVE-2017-9735</a><br><a href="https://www.oracle.com//security-alerts/cpujul2021.html">https://www.oracle.com//security-alerts/cpujul2021.html</a><br><a href="https://www.oracle.com/security-alerts/cpuoct2020.html">https://www.oracle.com/security-alerts/cpuoct2020.html</a><br><a href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a><br></details> |
| org.eclipse.jetty:jetty-util | CVE-2020-27216 | HIGH | 9.4.0.v20161208 | 9.3.29.v20201019, 9.4.32.v20200930, 11.0.1 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2020-27216">https://access.redhat.com/security/cve/CVE-2020-27216</a><br><a href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921">https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921</a><br><a href="https://cwe.mitre.org/data/definitions/378.html">https://cwe.mitre.org/data/definitions/378.html</a><br><a href="https://cwe.mitre.org/data/definitions/379.html">https://cwe.mitre.org/data/definitions/379.html</a><br><a href="https://github.com/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/issues/5451">https://github.com/eclipse/jetty.project/issues/5451</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053">https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053</a><br><a href="https://github.com/github/codeql/pull/4473">https://github.com/github/codeql/pull/4473</a><br><a href="https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0259b14ae69b87821e27fed1f5333ea86018294fd31aab16b1fac84e@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r07525dc424ed69b3919618599e762f9ac03791490ca9d724f2241442@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r09b345099b4f88d2bed7f195a96145849243fb4e53661aa3bcf4c176@%3Cissues.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d7ad4f02c44d5d53a9ffcbca7ff4a8138241322da9c5c35b5429630@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r0d95e01f52667f44835c40f6dea72bb4397f33cd70a564ea74f3836d@%3Cissues.beam.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0df8fe10fc36028cf6d0381ab66510917d0d68bc5ef7042001d03830@%3Cdev.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E">https://lists.apache.org/thread.html/r0e9efe032cc65433251ee6470c66c334d4e7db9101e24cf91a3961f2@%3Ccommits.directory.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E">https://lists.apache.org/thread.html/r0f5e9b93133ef3aaf31484bc3e15cc4b85f8af0fe4de2dacd9379d72@%3Cdev.felix.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r100c5c7586a23a19fdb54d8a32e17cd0944bdaa46277b35c397056f6@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E">https://lists.apache.org/thread.html/r171846414347ec5fed38241a9f8a009bd2c89d902154c6102b1fb39a@%3Cissues.beam.apache.org%3E</a><br><a href=
| org.eclipse.jetty:jetty-util | CVE-2021-28165 | HIGH | 9.4.0.v20161208 | 9.4.39.v20210325, 10.0.2, 11.0.2 | <details><summary>Expand...</summary><a href="http://www.openwall.com/lists/oss-security/2021/04/20/3">http://www.openwall.com/lists/oss-security/2021/04/20/3</a><br><a href="https://access.redhat.com/security/cve/CVE-2021-28165">https://access.redhat.com/security/cve/CVE-2021-28165</a><br><a href="https://github.com/advisories/GHSA-26vr-8j45-3r4w">https://github.com/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w">https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w</a><br><a href="https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r002258611ed0c35b82b839d284b43db9dcdec120db8afc1c993137dc@%3Cnotifications.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E">https://lists.apache.org/thread.html/r03ca0b69db1e3e5f72fe484b71370d537cd711cbf334e2913332730a@%3Cissues.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r05db8e0ef01e1280cc7543575ae0fa1c2b4d06a8b928916ef65dd2ad@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r06d54a297cb8217c66e5190912a955fb870ba47da164002bf2baffe5@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r077b76cafb61520c14c87c4fc76419ed664002da0ddac5ad851ae7e7@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E">https://lists.apache.org/thread.html/r0a241b0649beef90d422b42a26a2470d336e59e66970eafd54f9c3e2@%3Ccommits.zookeeper.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0a4797ba6ceea8074f47574a4f3cc11493d514c1fab8203ebd212add@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E">https://lists.apache.org/thread.html/r0bf3aa065abd23960fc8bdc8090d6bc00d5e391cf94ec4e1f4537ae3@%3Cjira.kafka.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E">https://lists.apache.org/thread.html/r0cd1a5e3f4ad4770b44f8aa96572fc09d5b35bec149c0cc247579c42@%3Creviews.spark.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E">https://lists.apache.org/thread.html/r0f02034a33076fd7243cf3a8807d2766e373f5cb2e7fd0c9a78f97c4@%3Cissues.hbase.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E">https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66@%3Cissues.solr.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r17e26cf9a1e3cbc09522d15ece5d7c7a00cdced7641b92a22a783287@%3Cissues.zookeeper.apache.org%3E">https://li
| org.jsoup:jsoup | CVE-2021-37714 | HIGH | 1.8.3 | 1.14.2 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2021-37714">https://access.redhat.com/security/cve/CVE-2021-37714</a><br><a href="https://github.com/advisories/GHSA-m72m-mhq2-9p6c">https://github.com/advisories/GHSA-m72m-mhq2-9p6c</a><br><a href="https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c">https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c</a><br><a href="https://jsoup.org/news/release-1.14.1">https://jsoup.org/news/release-1.14.1</a><br><a href="https://jsoup.org/news/release-1.14.2">https://jsoup.org/news/release-1.14.2</a><br><a href="https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E">https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E</a><br><a href="https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E">https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37714">https://nvd.nist.gov/vuln/detail/CVE-2021-37714</a><br><a href="https://security.netapp.com/advisory/ntap-20220210-0022/">https://security.netapp.com/advisory/ntap-20220210-0022/</a><br><a href="https://www.oracle.com/security-alerts/cpujan2022.html">https://www.oracle.com/security-alerts/cpujan2022.html</a><br></details> |