| com.fasterxml.jackson.core:jackson-core |
CVE-2025-52999 |
HIGH |
2.12.1 |
2.15.0 |
https://access.redhat.com/security/cve/CVE-2025-52999
https://github.com/FasterXML/jackson-core
https://github.com/FasterXML/jackson-core/pull/943
https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3
https://nvd.nist.gov/vuln/detail/CVE-2025-52999
https://www.cve.org/CVERecord?id=CVE-2025-52999
|
| com.fasterxml.jackson.core:jackson-core |
CVE-2025-52999 |
HIGH |
2.12.1 |
2.15.0 |
https://access.redhat.com/security/cve/CVE-2025-52999
https://github.com/FasterXML/jackson-core
https://github.com/FasterXML/jackson-core/pull/943
https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3
https://nvd.nist.gov/vuln/detail/CVE-2025-52999
https://www.cve.org/CVERecord?id=CVE-2025-52999
|
| com.fasterxml.jackson.core:jackson-core |
CVE-2025-49128 |
MEDIUM |
2.12.1 |
2.13.0 |
https://access.redhat.com/security/cve/CVE-2025-49128
https://github.com/FasterXML/jackson-core
https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8
https://github.com/FasterXML/jackson-core/pull/652
https://github.com/FasterXML/jackson-core/security/advisories/GHSA-wf8f-6423-gfxg
https://nvd.nist.gov/vuln/detail/CVE-2021-22145
https://nvd.nist.gov/vuln/detail/CVE-2025-49128
https://www.cve.org/CVERecord?id=CVE-2025-49128
|
| com.fasterxml.jackson.core:jackson-core |
CVE-2025-49128 |
MEDIUM |
2.12.1 |
2.13.0 |
https://access.redhat.com/security/cve/CVE-2025-49128
https://github.com/FasterXML/jackson-core
https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8
https://github.com/FasterXML/jackson-core/pull/652
https://github.com/FasterXML/jackson-core/security/advisories/GHSA-wf8f-6423-gfxg
https://nvd.nist.gov/vuln/detail/CVE-2021-22145
https://nvd.nist.gov/vuln/detail/CVE-2025-49128
https://www.cve.org/CVERecord?id=CVE-2025-49128
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2020-36518 |
HIGH |
2.12.1 |
2.13.2.1, 2.12.6.1 |
https://access.redhat.com/errata/RHSA-2023:2312
https://access.redhat.com/security/cve/CVE-2020-36518
https://bugzilla.redhat.com/2064698
https://errata.almalinux.org/9/ALSA-2023-2312.html
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de
https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b
https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd
https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126
https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b
https://github.com/FasterXML/jackson-databind/issues/2816
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
https://github.com/advisories/GHSA-57j2-w4cx-62h2
https://linux.oracle.com/cve/CVE-2020-36518.html
https://linux.oracle.com/errata/ELSA-2024-3061.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2020-36518
https://security.netapp.com/advisory/ntap-20220506-0004
https://security.netapp.com/advisory/ntap-20220506-0004/
https://www.cve.org/CVERecord?id=CVE-2020-36518
https://www.debian.org/security/2022/dsa-5283
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2020-36518 |
HIGH |
2.12.1 |
2.13.2.1, 2.12.6.1 |
https://access.redhat.com/errata/RHSA-2023:2312
https://access.redhat.com/security/cve/CVE-2020-36518
https://bugzilla.redhat.com/2064698
https://errata.almalinux.org/9/ALSA-2023-2312.html
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de
https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b
https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd
https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126
https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b
https://github.com/FasterXML/jackson-databind/issues/2816
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
https://github.com/advisories/GHSA-57j2-w4cx-62h2
https://linux.oracle.com/cve/CVE-2020-36518.html
https://linux.oracle.com/errata/ELSA-2024-3061.html
https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2020-36518
https://security.netapp.com/advisory/ntap-20220506-0004
https://security.netapp.com/advisory/ntap-20220506-0004/
https://www.cve.org/CVERecord?id=CVE-2020-36518
https://www.debian.org/security/2022/dsa-5283
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2021-46877 |
HIGH |
2.12.1 |
2.12.6, 2.13.1 |
https://access.redhat.com/security/cve/CVE-2021-46877
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb (jackson-databind-2.12.6)
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb (jackson-databind-3.13.1)
https://github.com/FasterXML/jackson-databind/issues/3328
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.1
https://groups.google.com/g/jackson-user/c/OsBsirPM_Vw
https://nvd.nist.gov/vuln/detail/CVE-2021-46877
https://www.cve.org/CVERecord?id=CVE-2021-46877
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2021-46877 |
HIGH |
2.12.1 |
2.12.6, 2.13.1 |
https://access.redhat.com/security/cve/CVE-2021-46877
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb (jackson-databind-2.12.6)
https://github.com/FasterXML/jackson-databind/commit/3ccde7d938fea547e598fdefe9a82cff37fed5cb (jackson-databind-3.13.1)
https://github.com/FasterXML/jackson-databind/issues/3328
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12.6
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.1
https://groups.google.com/g/jackson-user/c/OsBsirPM_Vw
https://nvd.nist.gov/vuln/detail/CVE-2021-46877
https://www.cve.org/CVERecord?id=CVE-2021-46877
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2022-42003 |
HIGH |
2.12.1 |
2.12.7.1, 2.13.4.2 |
https://access.redhat.com/security/cve/CVE-2022-42003
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x
https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1
https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288
https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc
https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45
https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33 (jackson-databind-2.14.0-rc1)
https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174&branch=jackson-databind-2.4.0-rc1&qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1
https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2
https://github.com/FasterXML/jackson-databind/issues/3590
https://github.com/FasterXML/jackson-databind/issues/3627
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2022-42003
https://security.gentoo.org/glsa/202210-21
https://security.netapp.com/advisory/ntap-20221124-0004
https://security.netapp.com/advisory/ntap-20221124-0004/
https://www.cve.org/CVERecord?id=CVE-2022-42003
https://www.debian.org/security/2022/dsa-5283
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2022-42003 |
HIGH |
2.12.1 |
2.12.7.1, 2.13.4.2 |
https://access.redhat.com/security/cve/CVE-2022-42003
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x
https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1
https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288
https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc
https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45
https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33 (jackson-databind-2.14.0-rc1)
https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174&branch=jackson-databind-2.4.0-rc1&qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1
https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2
https://github.com/FasterXML/jackson-databind/issues/3590
https://github.com/FasterXML/jackson-databind/issues/3627
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2022-42003
https://security.gentoo.org/glsa/202210-21
https://security.netapp.com/advisory/ntap-20221124-0004
https://security.netapp.com/advisory/ntap-20221124-0004/
https://www.cve.org/CVERecord?id=CVE-2022-42003
https://www.debian.org/security/2022/dsa-5283
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2022-42004 |
HIGH |
2.12.1 |
2.12.7.1, 2.13.4 |
https://access.redhat.com/security/cve/CVE-2022-42004
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88 (jackson-databind-2.13.4)
https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252
https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
https://github.com/FasterXML/jackson-databind/issues/3582
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2022-42004
https://security.gentoo.org/glsa/202210-21
https://security.netapp.com/advisory/ntap-20221118-0008
https://security.netapp.com/advisory/ntap-20221118-0008/
https://www.cve.org/CVERecord?id=CVE-2022-42004
https://www.debian.org/security/2022/dsa-5283
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2022-42004 |
HIGH |
2.12.1 |
2.12.7.1, 2.13.4 |
https://access.redhat.com/security/cve/CVE-2022-42004
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88 (jackson-databind-2.13.4)
https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252
https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea
https://github.com/FasterXML/jackson-databind/issues/3582
https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html
https://nvd.nist.gov/vuln/detail/CVE-2022-42004
https://security.gentoo.org/glsa/202210-21
https://security.netapp.com/advisory/ntap-20221118-0008
https://security.netapp.com/advisory/ntap-20221118-0008/
https://www.cve.org/CVERecord?id=CVE-2022-42004
https://www.debian.org/security/2022/dsa-5283
|
| com.google.protobuf:protobuf-java |
CVE-2021-22569 |
HIGH |
3.7.0 |
3.16.1, 3.18.2, 3.19.2 |
http://www.openwall.com/lists/oss-security/2022/01/12/4
http://www.openwall.com/lists/oss-security/2022/01/12/7
https://access.redhat.com/security/cve/CVE-2021-22569
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330
https://cloud.google.com/support/bulletins#gcp-2022-001
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67
https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html
https://nvd.nist.gov/vuln/detail/CVE-2021-22569
https://ubuntu.com/security/notices/USN-5945-1
https://www.cve.org/CVERecord?id=CVE-2021-22569
https://www.openwall.com/lists/oss-security/2022/01/12/4
https://www.oracle.com/security-alerts/cpuapr2022.html
|
| com.google.protobuf:protobuf-java |
CVE-2021-22569 |
HIGH |
3.7.0 |
3.16.1, 3.18.2, 3.19.2 |
http://www.openwall.com/lists/oss-security/2022/01/12/4
http://www.openwall.com/lists/oss-security/2022/01/12/7
https://access.redhat.com/security/cve/CVE-2021-22569
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330
https://cloud.google.com/support/bulletins#gcp-2022-001
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67
https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html
https://nvd.nist.gov/vuln/detail/CVE-2021-22569
https://ubuntu.com/security/notices/USN-5945-1
https://www.cve.org/CVERecord?id=CVE-2021-22569
https://www.openwall.com/lists/oss-security/2022/01/12/4
https://www.oracle.com/security-alerts/cpuapr2022.html
|
| com.google.protobuf:protobuf-java |
CVE-2022-3509 |
HIGH |
3.7.0 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
https://access.redhat.com/security/cve/CVE-2022-3509
https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9
https://github.com/protocolbuffers/protobuf/tree/main/java
https://nvd.nist.gov/vuln/detail/CVE-2022-3509
https://www.cve.org/CVERecord?id=CVE-2022-3509
|
| com.google.protobuf:protobuf-java |
CVE-2022-3509 |
HIGH |
3.7.0 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
https://access.redhat.com/security/cve/CVE-2022-3509
https://github.com/protocolbuffers/protobuf/commit/a3888f53317a8018e7a439bac4abeb8f3425d5e9
https://github.com/protocolbuffers/protobuf/tree/main/java
https://nvd.nist.gov/vuln/detail/CVE-2022-3509
https://www.cve.org/CVERecord?id=CVE-2022-3509
|
| com.google.protobuf:protobuf-java |
CVE-2022-3510 |
HIGH |
3.7.0 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
https://access.redhat.com/security/cve/CVE-2022-3510
https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48
https://github.com/protocolbuffers/protobuf/tree/main/java
https://nvd.nist.gov/vuln/detail/CVE-2022-3510
https://www.cve.org/CVERecord?id=CVE-2022-3510
|
| com.google.protobuf:protobuf-java |
CVE-2022-3510 |
HIGH |
3.7.0 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
https://access.redhat.com/security/cve/CVE-2022-3510
https://github.com/protocolbuffers/protobuf/commit/db7c17803320525722f45c1d26fc08bc41d1bf48
https://github.com/protocolbuffers/protobuf/tree/main/java
https://nvd.nist.gov/vuln/detail/CVE-2022-3510
https://www.cve.org/CVERecord?id=CVE-2022-3510
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
HIGH |
3.7.0 |
3.25.5, 4.27.5, 4.28.2 |
https://access.redhat.com/security/cve/CVE-2024-7254
https://github.com/advisories/GHSA-735f-pc8j-v9w8
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b
https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b
https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534
https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46
https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa
https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml
https://nvd.nist.gov/vuln/detail/CVE-2024-7254
https://security.netapp.com/advisory/ntap-20241213-0010
https://security.netapp.com/advisory/ntap-20241213-0010/
https://security.netapp.com/advisory/ntap-20250418-0006
https://security.netapp.com/advisory/ntap-20250418-0006/
https://ubuntu.com/security/notices/USN-7435-1
https://www.cve.org/CVERecord?id=CVE-2024-7254
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
HIGH |
3.7.0 |
3.25.5, 4.27.5, 4.28.2 |
https://access.redhat.com/security/cve/CVE-2024-7254
https://github.com/advisories/GHSA-735f-pc8j-v9w8
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b
https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b
https://github.com/protocolbuffers/protobuf/commit/9a5f5fe752a20cbac2e722b06949ac985abdd534
https://github.com/protocolbuffers/protobuf/commit/ac9fb5b4c71b0dd80985b27684e265d1f03abf46
https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa
https://github.com/protocolbuffers/protobuf/commit/d6c82fc55a76481c676f541a255571e8950bb8c3
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2024-7254.yml
https://nvd.nist.gov/vuln/detail/CVE-2024-7254
https://security.netapp.com/advisory/ntap-20241213-0010
https://security.netapp.com/advisory/ntap-20241213-0010/
https://security.netapp.com/advisory/ntap-20250418-0006
https://security.netapp.com/advisory/ntap-20250418-0006/
https://ubuntu.com/security/notices/USN-7435-1
https://www.cve.org/CVERecord?id=CVE-2024-7254
|
| com.google.protobuf:protobuf-java |
CVE-2022-3171 |
MEDIUM |
3.7.0 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
https://access.redhat.com/security/cve/CVE-2022-3171
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/releases/tag/v21.7
https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3
https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6
https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP
https://nvd.nist.gov/vuln/detail/CVE-2022-3171
https://security.gentoo.org/glsa/202301-09
https://www.cve.org/CVERecord?id=CVE-2022-3171
|
| com.google.protobuf:protobuf-java |
CVE-2022-3171 |
MEDIUM |
3.7.0 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
https://access.redhat.com/security/cve/CVE-2022-3171
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48771
https://github.com/protocolbuffers/protobuf
https://github.com/protocolbuffers/protobuf/releases/tag/v21.7
https://github.com/protocolbuffers/protobuf/releases/tag/v3.16.3
https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.6
https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.3
https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/google-protobuf/CVE-2022-3171.yml
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP
https://nvd.nist.gov/vuln/detail/CVE-2022-3171
https://security.gentoo.org/glsa/202301-09
https://www.cve.org/CVERecord?id=CVE-2022-3171
|
| com.squareup.okio:okio |
CVE-2023-3635 |
MEDIUM |
1.17.2 |
3.4.0, 1.17.6 |
https://access.redhat.com/security/cve/CVE-2023-3635
https://github.com/square/okio
https://github.com/square/okio/blob/master/CHANGELOG.md#version-1176
https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b
https://github.com/square/okio/commit/b4fa875dc24950680c386e4b1c593660ce4f7839
https://github.com/square/okio/pull/1280
https://github.com/square/okio/pull/1334
https://nvd.nist.gov/vuln/detail/CVE-2023-3635
https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195
https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195/
https://www.cve.org/CVERecord?id=CVE-2023-3635
|
| com.squareup.okio:okio |
CVE-2023-3635 |
MEDIUM |
1.17.2 |
3.4.0, 1.17.6 |
https://access.redhat.com/security/cve/CVE-2023-3635
https://github.com/square/okio
https://github.com/square/okio/blob/master/CHANGELOG.md#version-1176
https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b
https://github.com/square/okio/commit/b4fa875dc24950680c386e4b1c593660ce4f7839
https://github.com/square/okio/pull/1280
https://github.com/square/okio/pull/1334
https://nvd.nist.gov/vuln/detail/CVE-2023-3635
https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195
https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195/
https://www.cve.org/CVERecord?id=CVE-2023-3635
|
| commons-io:commons-io |
CVE-2024-47554 |
HIGH |
2.6 |
2.14.0 |
http://www.openwall.com/lists/oss-security/2024/10/03/2
https://access.redhat.com/security/cve/CVE-2024-47554
https://github.com/apache/commons-io
https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1
https://nvd.nist.gov/vuln/detail/CVE-2024-47554
https://security.netapp.com/advisory/ntap-20250131-0010
https://security.netapp.com/advisory/ntap-20250131-0010/
https://www.cve.org/CVERecord?id=CVE-2024-47554
|
| commons-io:commons-io |
CVE-2024-47554 |
HIGH |
2.6 |
2.14.0 |
http://www.openwall.com/lists/oss-security/2024/10/03/2
https://access.redhat.com/security/cve/CVE-2024-47554
https://github.com/apache/commons-io
https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1
https://nvd.nist.gov/vuln/detail/CVE-2024-47554
https://security.netapp.com/advisory/ntap-20250131-0010
https://security.netapp.com/advisory/ntap-20250131-0010/
https://www.cve.org/CVERecord?id=CVE-2024-47554
|
| commons-io:commons-io |
CVE-2021-29425 |
MEDIUM |
2.6 |
2.7 |
https://access.redhat.com/security/cve/CVE-2021-29425
https://arxiv.org/pdf/2306.05534.pdf
https://github.com/jensdietrich/xshady-release/tree/main/CVE-2021-29425
https://issues.apache.org/jira/browse/IO-556
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31%40%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330%40%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-29425
https://security.netapp.com/advisory/ntap-20220210-0004
https://security.netapp.com/advisory/ntap-20220210-0004/
https://ubuntu.com/security/notices/USN-5095-1
https://www.cve.org/CVERecord?id=CVE-2021-29425
https://www.openwall.com/lists/oss-security/2021/04/12/1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| commons-io:commons-io |
CVE-2021-29425 |
MEDIUM |
2.6 |
2.7 |
https://access.redhat.com/security/cve/CVE-2021-29425
https://arxiv.org/pdf/2306.05534.pdf
https://github.com/jensdietrich/xshady-release/tree/main/CVE-2021-29425
https://issues.apache.org/jira/browse/IO-556
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31%40%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330%40%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html
https://nvd.nist.gov/vuln/detail/CVE-2021-29425
https://security.netapp.com/advisory/ntap-20220210-0004
https://security.netapp.com/advisory/ntap-20220210-0004/
https://ubuntu.com/security/notices/USN-5095-1
https://www.cve.org/CVERecord?id=CVE-2021-29425
https://www.openwall.com/lists/oss-security/2021/04/12/1
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
MEDIUM |
1.21 |
1.26.0 |
http://www.openwall.com/lists/oss-security/2024/02/19/1
https://access.redhat.com/security/cve/CVE-2024-25710
https://github.com/apache/commons-compress
https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
https://nvd.nist.gov/vuln/detail/CVE-2024-25710
https://security.netapp.com/advisory/ntap-20240307-0010
https://security.netapp.com/advisory/ntap-20240307-0010/
https://www.cve.org/CVERecord?id=CVE-2024-25710
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
MEDIUM |
1.21 |
1.26.0 |
http://www.openwall.com/lists/oss-security/2024/02/19/1
https://access.redhat.com/security/cve/CVE-2024-25710
https://github.com/apache/commons-compress
https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
https://nvd.nist.gov/vuln/detail/CVE-2024-25710
https://security.netapp.com/advisory/ntap-20240307-0010
https://security.netapp.com/advisory/ntap-20240307-0010/
https://www.cve.org/CVERecord?id=CVE-2024-25710
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
MEDIUM |
1.21 |
1.26.0 |
http://www.openwall.com/lists/oss-security/2024/02/19/2
https://access.redhat.com/security/cve/CVE-2024-26308
https://github.com/apache/commons-compress
https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg
https://nvd.nist.gov/vuln/detail/CVE-2024-26308
https://security.netapp.com/advisory/ntap-20240307-0009
https://security.netapp.com/advisory/ntap-20240307-0009/
https://www.cve.org/CVERecord?id=CVE-2024-26308
https://www.openwall.com/lists/oss-security/2024/02/19/2
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
MEDIUM |
1.21 |
1.26.0 |
http://www.openwall.com/lists/oss-security/2024/02/19/2
https://access.redhat.com/security/cve/CVE-2024-26308
https://github.com/apache/commons-compress
https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg
https://nvd.nist.gov/vuln/detail/CVE-2024-26308
https://security.netapp.com/advisory/ntap-20240307-0009
https://security.netapp.com/advisory/ntap-20240307-0009/
https://www.cve.org/CVERecord?id=CVE-2024-26308
https://www.openwall.com/lists/oss-security/2024/02/19/2
|
| org.codehaus.plexus:plexus-archiver |
CVE-2023-37460 |
HIGH |
4.2.6 |
4.8.0 |
https://access.redhat.com/security/cve/CVE-2023-37460
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/codehaus-plexus/plexus-archiver/commit/54759839fbdf85caf8442076f001d5fd64e0dcb2
https://github.com/codehaus-plexus/plexus-archiver/releases/tag/plexus-archiver-4.8.0
https://github.com/codehaus-plexus/plexus-archiver/security/advisories/GHSA-wh3p-fphp-9h2m
https://linux.oracle.com/cve/CVE-2023-37460.html
https://linux.oracle.com/errata/ELSA-2023-6886.html
https://nvd.nist.gov/vuln/detail/CVE-2023-37460
https://research.jfrog.com/vulnerabilities/plexus-archiver-arbitrary-file-overwrite-xray-526292/
https://www.cve.org/CVERecord?id=CVE-2023-37460
|
| org.codehaus.plexus:plexus-archiver |
CVE-2023-37460 |
HIGH |
4.2.6 |
4.8.0 |
https://access.redhat.com/security/cve/CVE-2023-37460
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/codehaus-plexus/plexus-archiver/commit/54759839fbdf85caf8442076f001d5fd64e0dcb2
https://github.com/codehaus-plexus/plexus-archiver/releases/tag/plexus-archiver-4.8.0
https://github.com/codehaus-plexus/plexus-archiver/security/advisories/GHSA-wh3p-fphp-9h2m
https://linux.oracle.com/cve/CVE-2023-37460.html
https://linux.oracle.com/errata/ELSA-2023-6886.html
https://nvd.nist.gov/vuln/detail/CVE-2023-37460
https://research.jfrog.com/vulnerabilities/plexus-archiver-arbitrary-file-overwrite-xray-526292/
https://www.cve.org/CVERecord?id=CVE-2023-37460
|
| org.iq80.snappy:snappy |
CVE-2024-36124 |
MEDIUM |
0.4 |
0.5 |
https://access.redhat.com/security/cve/CVE-2024-36124
https://github.com/dain/snappy
https://github.com/dain/snappy/security/advisories/GHSA-8wh2-6qhj-h7j9
https://nvd.nist.gov/vuln/detail/CVE-2024-36124
https://www.cve.org/CVERecord?id=CVE-2024-36124
|
| org.iq80.snappy:snappy |
CVE-2024-36124 |
MEDIUM |
0.4 |
0.5 |
https://access.redhat.com/security/cve/CVE-2024-36124
https://github.com/dain/snappy
https://github.com/dain/snappy/security/advisories/GHSA-8wh2-6qhj-h7j9
https://nvd.nist.gov/vuln/detail/CVE-2024-36124
https://www.cve.org/CVERecord?id=CVE-2024-36124
|
| org.jsoup:jsoup |
CVE-2022-36033 |
MEDIUM |
1.14.3 |
1.15.3 |
https://access.redhat.com/security/cve/CVE-2022-36033
https://github.com/jhy/jsoup
https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
https://jsoup.org/news/release-1.15.3
https://nvd.nist.gov/vuln/detail/CVE-2022-36033
https://security.netapp.com/advisory/ntap-20221104-0006
https://security.netapp.com/advisory/ntap-20221104-0006/
https://www.cve.org/CVERecord?id=CVE-2022-36033
|
| org.jsoup:jsoup |
CVE-2022-36033 |
MEDIUM |
1.14.3 |
1.15.3 |
https://access.redhat.com/security/cve/CVE-2022-36033
https://github.com/jhy/jsoup
https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
https://jsoup.org/news/release-1.15.3
https://nvd.nist.gov/vuln/detail/CVE-2022-36033
https://security.netapp.com/advisory/ntap-20221104-0006
https://security.netapp.com/advisory/ntap-20221104-0006/
https://www.cve.org/CVERecord?id=CVE-2022-36033
|
| org.jsoup:jsoup |
CVE-2022-36033 |
MEDIUM |
1.14.3 |
1.15.3 |
https://access.redhat.com/security/cve/CVE-2022-36033
https://github.com/jhy/jsoup
https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
https://jsoup.org/news/release-1.15.3
https://nvd.nist.gov/vuln/detail/CVE-2022-36033
https://security.netapp.com/advisory/ntap-20221104-0006
https://security.netapp.com/advisory/ntap-20221104-0006/
https://www.cve.org/CVERecord?id=CVE-2022-36033
|
| org.jsoup:jsoup |
CVE-2022-36033 |
MEDIUM |
1.14.3 |
1.15.3 |
https://access.redhat.com/security/cve/CVE-2022-36033
https://github.com/jhy/jsoup
https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
https://jsoup.org/news/release-1.15.3
https://nvd.nist.gov/vuln/detail/CVE-2022-36033
https://security.netapp.com/advisory/ntap-20221104-0006
https://security.netapp.com/advisory/ntap-20221104-0006/
https://www.cve.org/CVERecord?id=CVE-2022-36033
|
| org.scala-lang:scala-library |
CVE-2022-36944 |
CRITICAL |
2.13.8 |
2.13.9 |
https://access.redhat.com/security/cve/CVE-2022-36944
https://discuss.lightbend.com/t/impact-of-cve-2022-36944-on-akka-cluster-akka-actor-akka-remote/10007/2
https://github.com/scala/scala
https://github.com/scala/scala-collection-compat/releases/tag/v2.9.0
https://github.com/scala/scala/pull/10118
https://github.com/scala/scala/releases/tag/v2.13.9
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ZOZVWY3X72FZZCCRAKRJYTQOJ6LUD6Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3WMKPFAMFQE3HJVRQ5KOJUTWG264SXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ZOZVWY3X72FZZCCRAKRJYTQOJ6LUD6Z
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3WMKPFAMFQE3HJVRQ5KOJUTWG264SXI
https://nvd.nist.gov/vuln/detail/CVE-2022-36944
https://www.cve.org/CVERecord?id=CVE-2022-36944
https://www.scala-lang.org/download
https://www.scala-lang.org/download/
|
| org.scala-lang:scala-library |
CVE-2022-36944 |
CRITICAL |
2.13.8 |
2.13.9 |
https://access.redhat.com/security/cve/CVE-2022-36944
https://discuss.lightbend.com/t/impact-of-cve-2022-36944-on-akka-cluster-akka-actor-akka-remote/10007/2
https://github.com/scala/scala
https://github.com/scala/scala-collection-compat/releases/tag/v2.9.0
https://github.com/scala/scala/pull/10118
https://github.com/scala/scala/releases/tag/v2.13.9
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ZOZVWY3X72FZZCCRAKRJYTQOJ6LUD6Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3WMKPFAMFQE3HJVRQ5KOJUTWG264SXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ZOZVWY3X72FZZCCRAKRJYTQOJ6LUD6Z
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3WMKPFAMFQE3HJVRQ5KOJUTWG264SXI
https://nvd.nist.gov/vuln/detail/CVE-2022-36944
https://www.cve.org/CVERecord?id=CVE-2022-36944
https://www.scala-lang.org/download
https://www.scala-lang.org/download/
|
| org.scala-sbt:io_2.12 |
CVE-2023-46122 |
LOW |
1.6.0 |
1.9.7 |
https://github.com/sbt/io/commit/124538348db0713c80793cb57b915f97ec13188a
https://github.com/sbt/io/issues/358
https://github.com/sbt/io/pull/360
https://github.com/sbt/sbt
https://github.com/sbt/sbt/security/advisories/GHSA-h9mw-grgx-2fhf
https://nvd.nist.gov/vuln/detail/CVE-2023-46122
|
| org.scala-sbt:io_2.12 |
CVE-2023-46122 |
LOW |
1.6.0 |
1.9.7 |
https://github.com/sbt/io/commit/124538348db0713c80793cb57b915f97ec13188a
https://github.com/sbt/io/issues/358
https://github.com/sbt/io/pull/360
https://github.com/sbt/sbt
https://github.com/sbt/sbt/security/advisories/GHSA-h9mw-grgx-2fhf
https://nvd.nist.gov/vuln/detail/CVE-2023-46122
|
| org.scala-sbt:sbt |
CVE-2023-46122 |
LOW |
1.6.2 |
1.9.7 |
https://github.com/sbt/io/commit/124538348db0713c80793cb57b915f97ec13188a
https://github.com/sbt/io/issues/358
https://github.com/sbt/io/pull/360
https://github.com/sbt/sbt
https://github.com/sbt/sbt/security/advisories/GHSA-h9mw-grgx-2fhf
https://nvd.nist.gov/vuln/detail/CVE-2023-46122
|
| org.scala-sbt:sbt |
CVE-2023-46122 |
LOW |
1.6.2 |
1.9.7 |
https://github.com/sbt/io/commit/124538348db0713c80793cb57b915f97ec13188a
https://github.com/sbt/io/issues/358
https://github.com/sbt/io/pull/360
https://github.com/sbt/sbt
https://github.com/sbt/sbt/security/advisories/GHSA-h9mw-grgx-2fhf
https://nvd.nist.gov/vuln/detail/CVE-2023-46122
|
| org.yaml:snakeyaml |
CVE-2022-1471 |
HIGH |
1.27 |
2.0 |
http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2023/11/19/1
https://access.redhat.com/errata/RHSA-2022:9058
https://access.redhat.com/security/cve/CVE-2022-1471
https://bitbucket.org/snakeyaml/snakeyaml
https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
https://bugzilla.redhat.com/2150009
https://bugzilla.redhat.com/show_bug.cgi?id=2150009
https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
https://errata.almalinux.org/8/ALSA-2022-9058.html
https://errata.rockylinux.org/RLSA-2022:9058
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
https://github.com/mbechler/marshalsec
https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
https://linux.oracle.com/cve/CVE-2022-1471.html
https://linux.oracle.com/errata/ELSA-2022-9058-1.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1471
https://security.netapp.com/advisory/ntap-20230818-0015
https://security.netapp.com/advisory/ntap-20230818-0015/
https://security.netapp.com/advisory/ntap-20240621-0006
https://security.netapp.com/advisory/ntap-20240621-0006/
https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
https://www.cve.org/CVERecord?id=CVE-2022-1471
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
|
| org.yaml:snakeyaml |
CVE-2022-1471 |
HIGH |
1.27 |
2.0 |
http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
http://www.openwall.com/lists/oss-security/2023/11/19/1
https://access.redhat.com/errata/RHSA-2022:9058
https://access.redhat.com/security/cve/CVE-2022-1471
https://bitbucket.org/snakeyaml/snakeyaml
https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
https://bugzilla.redhat.com/2150009
https://bugzilla.redhat.com/show_bug.cgi?id=2150009
https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
https://errata.almalinux.org/8/ALSA-2022-9058.html
https://errata.rockylinux.org/RLSA-2022:9058
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
https://github.com/mbechler/marshalsec
https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
https://linux.oracle.com/cve/CVE-2022-1471.html
https://linux.oracle.com/errata/ELSA-2022-9058-1.html
https://nvd.nist.gov/vuln/detail/CVE-2022-1471
https://security.netapp.com/advisory/ntap-20230818-0015
https://security.netapp.com/advisory/ntap-20230818-0015/
https://security.netapp.com/advisory/ntap-20240621-0006
https://security.netapp.com/advisory/ntap-20240621-0006/
https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
https://www.cve.org/CVERecord?id=CVE-2022-1471
https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
|
| org.yaml:snakeyaml |
CVE-2022-25857 |
HIGH |
1.27 |
1.31 |
https://access.redhat.com/errata/RHSA-2022:6820
https://access.redhat.com/security/cve/CVE-2022-25857
https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
https://bitbucket.org/snakeyaml/snakeyaml/issues/525
https://bugzilla.redhat.com/2126789
https://bugzilla.redhat.com/show_bug.cgi?id=2126789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
https://errata.almalinux.org/8/ALSA-2022-6820.html
https://errata.rockylinux.org/RLSA-2022:6820
https://github.com/snakeyaml/snakeyaml
https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
https://linux.oracle.com/cve/CVE-2022-25857.html
https://linux.oracle.com/errata/ELSA-2022-6820.html
https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-25857
https://security.netapp.com/advisory/ntap-20240315-0010
https://security.netapp.com/advisory/ntap-20240315-0010/
https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
https://ubuntu.com/security/notices/USN-5944-1
https://www.cve.org/CVERecord?id=CVE-2022-25857
|
| org.yaml:snakeyaml |
CVE-2022-25857 |
HIGH |
1.27 |
1.31 |
https://access.redhat.com/errata/RHSA-2022:6820
https://access.redhat.com/security/cve/CVE-2022-25857
https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
https://bitbucket.org/snakeyaml/snakeyaml/issues/525
https://bugzilla.redhat.com/2126789
https://bugzilla.redhat.com/show_bug.cgi?id=2126789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
https://errata.almalinux.org/8/ALSA-2022-6820.html
https://errata.rockylinux.org/RLSA-2022:6820
https://github.com/snakeyaml/snakeyaml
https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
https://linux.oracle.com/cve/CVE-2022-25857.html
https://linux.oracle.com/errata/ELSA-2022-6820.html
https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2022-25857
https://security.netapp.com/advisory/ntap-20240315-0010
https://security.netapp.com/advisory/ntap-20240315-0010/
https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
https://ubuntu.com/security/notices/USN-5944-1
https://www.cve.org/CVERecord?id=CVE-2022-25857
|
| 10 other vulnerabilities found... |
|---|
| No Misconfigurations found |
|---|