Vulnerability Reportapache/hive:3.1.3

apache/hive:3.1.3
DIGESTsha256:d102ba29ad07e93c303894896203a80b903c0001d80221f1cb9fea92dcac06e4

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
UNVERIFIED

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could exploit multiple vulnerabilities to achieve remote code execution (e.g., CVE-2024-2961) or bypass authentication (e.g., CVE-2017-7658) to access sensitive Hive data. With 396 critical or high-severity exposures and a maximum severity of 10.0, the attack surface is unacceptably large. No workaround fully mitigates the most severe issues.

Vulnerabilities

Vulnerability Log

939 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2017-7658CRITICAL10
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.2.25.v20180606, 9.3.24.v20180605, 9.4.11.v20180605
21.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7658CRITICAL10
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.2.25.v20180606, 9.3.24.v20180605, 9.4.11.v20180605
21.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-20445CRITICAL10
io.netty:netty
3.10.5.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.10.6.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.6.2.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty-handler
4.0.52.Final
fixed in 4.1.45
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty-handler
4.1.17.Final
fixed in 4.1.45
13.5%
High Exploitation Risk
Directly Exposed
CVE-2024-2961CRITICAL10
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u9
88.3%
Actively Exploited
Directly Exposed
CVE-2024-2961CRITICAL10
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u9
88.3%
Actively Exploited
Directly Exposed
CVE-2022-23307CRITICAL10
log4j:log4j
1.2.17
No fix yet
52.5%
Actively Exploited
Directly Exposed
CVE-2022-23302CRITICAL10
log4j:log4j
1.2.17
No fix yet
61.8%
Actively Exploited
Directly Exposed
CVE-2020-13936CRITICAL10
org.apache.velocity:velocity
1.7
No fix yet
22.7%
High Exploitation Risk
Directly Exposed
CVE-2023-4911CRITICAL10
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u7
78.6%
Actively Exploited
Directly Exposed
CVE-2023-4911CRITICAL10
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u7
78.6%
Actively Exploited
Directly Exposed
CVE-2019-1010022CRITICAL9.8
libc-bin
2.31-13+deb11u3
No fix yet
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010022CRITICAL9.8
libc6
2.31-13+deb11u3
No fix yet
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-45853CRITICAL9.8
zlib1g
1:1.2.11.dfsg-2+deb11u1
No fix yet
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14720CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14720CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9546CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-14893CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-39135CRITICAL9.8
org.apache.calcite:calcite-core
1.16.0
fixed in 1.32.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-46337CRITICAL9.8
org.apache.derby:derby
10.14.1.0
fixed in 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37404CRITICAL9.8
org.apache.hadoop:hadoop-common
3.1.0
fixed in 3.3.2, 3.2.3, 2.10.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-25168CRITICAL9.8
org.apache.hadoop:hadoop-common
3.1.0
fixed in 2.10.2, 3.2.4, 3.3.3
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-17190CRITICAL9.8
org.apache.spark:spark-core_2.11
2.3.0
No fix yet
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-10202CRITICAL9.8
org.codehaus.jackson:jackson-mapper-asl
1.9.13
No fix yet
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-41853CRITICAL9.8
org.hsqldb:hsqldb
2.3.4
fixed in 2.7.1
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-1597CRITICAL9.8
org.postgresql:postgresql
9.4.1208.jre7
fixed in 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2
4.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-21724CRITICAL9.8
org.postgresql:postgresql
9.4.1208.jre7
fixed in 42.2.25, 42.3.2
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-50387CRITICAL9.75
libsystemd0
247.3-7
fixed in 247.3-7+deb11u6
100.0%
Actively Exploited
Directly Exposed
CVE-2023-50868CRITICAL9.75
libsystemd0
247.3-7
fixed in 247.3-7+deb11u6
82.8%
Actively Exploited
Directly Exposed
CVE-2023-50387CRITICAL9.75
libudev1
247.3-7
fixed in 247.3-7+deb11u6
100.0%
Actively Exploited
Directly Exposed
CVE-2023-50868CRITICAL9.75
libudev1
247.3-7
fixed in 247.3-7+deb11u6
82.8%
Actively Exploited
Directly Exposed
CVE-2014-0114CRITICAL9.75
commons-beanutils:commons-beanutils
1.9.3
fixed in 1.9.4
95.8%
Actively Exploited
Directly Exposed
CVE-2021-4104CRITICAL9.75
log4j:log4j
1.2.17
No fix yet
81.1%
Actively Exploited
Directly Exposed
CVE-2017-5637CRITICAL9.75
org.apache.zookeeper:zookeeper
3.4.6
fixed in 3.4.10, 3.5.3
73.7%
Actively Exploited
Directly Exposed
CVE-2017-5637CRITICAL9.75
org.apache.zookeeper:zookeeper
3.4.9
fixed in 3.4.10, 3.5.3
73.7%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2023-0286CRITICAL9.62
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
62.0%
Actively Exploited
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-1586CRITICAL9.1
libpcre2-8-0
10.36-2
fixed in 10.36-2+deb11u1
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-1587CRITICAL9.1
libpcre2-8-0
10.36-2
fixed in 10.36-2+deb11u1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-46848CRITICAL9.1
libtasn1-6
4.16.0-2
fixed in 4.16.0-2+deb11u1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.10.5.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.10.6.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.6.2.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.44
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.44
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-37865CRITICAL9.1
org.apache.ivy:ivy
2.4.0
fixed in 2.5.1
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-44981CRITICAL9.1
org.apache.zookeeper:zookeeper
3.4.6
fixed in 3.7.2, 3.8.3, 3.9.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-44981CRITICAL9.1
org.apache.zookeeper:zookeeper
3.4.9
fixed in 3.7.2, 3.8.3, 3.9.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010023HIGH8.8
libc-bin
2.31-13+deb11u3
No fix yet
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010023HIGH8.8
libc6
2.31-13+deb11u3
No fix yet
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-42898HIGH8.8
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u3
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10672HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10968HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-10969HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11111HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11112HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11113HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
6.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48734HIGH8.8
commons-beanutils:commons-beanutils
1.9.3
fixed in 1.11.0
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.7.7
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.8.2
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-36364HIGH8.8
org.apache.calcite.avatica:avatica-core
1.11.0
fixed in 1.22.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-9492HIGH8.8
org.apache.hadoop:hadoop-common
3.1.0
fixed in 3.2.2, 3.1.4, 2.10.1
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-33036HIGH8.8
org.apache.hadoop:hadoop-yarn-server-common
3.1.0
fixed in 2.10.2, 3.2.3, 3.3.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-4450HIGH8.62
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
20.4%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2022-40152HIGH8.62
com.fasterxml.woodstox:woodstox-core
5.0.3
fixed in 6.4.0, 5.4.0
19.5%
High Exploitation Risk
Directly Exposed
CVE-2022-25647HIGH8.62
com.google.code.gson:gson
2.2.4
fixed in 2.8.9
12.0%
High Exploitation Risk
Directly Exposed
CVE-2022-25647HIGH8.62
com.google.code.gson:gson
2.8.1
fixed in 2.8.9
12.0%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.19
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.19
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.19
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.19
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2019-10172HIGH8.62
org.codehaus.jackson:jackson-mapper-asl
1.9.13
No fix yet
17.0%
High Exploitation Risk
Directly Exposed
CVE-2021-33813HIGH8.62
org.jdom:jdom
1.1
No fix yet
19.4%
High Exploitation Risk
Directly Exposed
CVE-2017-18640HIGH8.62
org.yaml:snakeyaml
1.16
fixed in 1.26
26.7%
High Exploitation Risk
Directly Exposed
CVE-2012-0881HIGH8.62
xerces:xercesImpl
2.9.1
fixed in 2.12.0
17.1%
High Exploitation Risk
Directly Exposed
CVE-2023-2650HIGH8.45
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
77.9%
Actively Exploited
Directly Exposed
CVE-2019-10086HIGH8.39
commons-beanutils:commons-beanutils
1.9.3
fixed in 1.9.4
28.8%
High Exploitation Risk
Directly Exposed
CVE-2026-42010HIGH8.33
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-32988HIGH8.2
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u8
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-46751HIGH8.2
org.apache.ivy:ivy
2.4.0
fixed in 2.5.2
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2013-4002HIGH8.16
xerces:xercesImpl
2.9.1
fixed in 2.12.0
24.7%
High Exploitation Risk
Directly Exposed
CVE-2026-45447HIGH8.1
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11619HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11620HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-14060HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.5
8.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-14061HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.5
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-14062HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.5
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-14195HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.5
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-14721HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
10.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-14721HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
10.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-17485HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-7525HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-14718HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19362HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-7489HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2019-14540HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-8840HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9547HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9548HIGH8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-17485HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-14718HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19362HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-7489HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2019-14540HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-8840HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9547HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9548HIGH8
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-17485HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-7525HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-14718HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19360HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.8, 2.8.11.3, 2.7.9.5
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19361HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.7.9.5, 2.9.8, 2.8.11.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19362HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-7489HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2019-14540HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-8840HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9547HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9548HIGH8
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-14718HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19360HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.8, 2.8.11.3, 2.7.9.5
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19361HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.7.9.5, 2.9.8, 2.8.11.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-19362HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2018-7489HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2019-14540HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-8840HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9547HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2020-9548HIGH8
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2019-17195HIGH8
com.nimbusds:nimbus-jose-jwt
4.41.1
fixed in 7.9
11.0%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-7657HIGH8
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.2.25.v20180606, 9.3.24.v20180605
16.2%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2017-7657HIGH8
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.2.25.v20180606, 9.3.24.v20180605
16.2%
High Exploitation Risk
Directly ExposedContext importance: MEDIUM
CVE-2022-1471HIGH8
org.yaml:snakeyaml
1.16
fixed in 2.0
99.6%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2022-31197HIGH8
org.postgresql:postgresql
9.4.1208.jre7
fixed in 42.2.26, 42.4.1, 42.3.7
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-1304HIGH7.8
libcom-err2
1.46.2-2
fixed in 1.46.2-2+deb11u1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-1304HIGH7.8
libext2fs2
1.46.2-2
fixed in 1.46.2-2+deb11u1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2017-7245HIGH7.8
libpcre3
2:8.39-13
No fix yet
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2017-7246HIGH7.8
libpcre3
2:8.39-13
No fix yet
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-1304HIGH7.8
libss2
1.46.2-2
fixed in 1.46.2-2+deb11u1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2026-33845HIGH7.73
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-0286HIGH7.7
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
62.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2024-33599HIGH7.6
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-33599HIGH7.6
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-25638HIGH7.57
dnsjava:dnsjava
2.1.7
fixed in 3.6.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2018-20796HIGH7.5
libc-bin
2.31-13+deb11u3
No fix yet
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2019-9192HIGH7.5
libc-bin
2.31-13+deb11u3
No fix yet
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-20796HIGH7.5
libc6
2.31-13+deb11u3
No fix yet
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2019-9192HIGH7.5
libc6
2.31-13+deb11u3
No fix yet
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-33560HIGH7.5
libgcrypt20
1.8.7-6
No fix yet
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-6829HIGH7.5
libgcrypt20
1.8.7-6
No fix yet
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-2509HIGH7.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-0553HIGH7.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u5
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-0567HIGH7.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u5
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-5709HIGH7.5
libgssapi-krb5-2
1.18.3-6+deb11u1
No fix yet
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-5709HIGH7.5
libk5crypto3
1.18.3-6+deb11u1
No fix yet
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-5709HIGH7.5
libkrb5-3
1.18.3-6+deb11u1
No fix yet
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-5709HIGH7.5
libkrb5support0
1.18.3-6+deb11u1
No fix yet
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2017-11164HIGH7.5
libpcre3
2:8.39-13
No fix yet
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2019-20838HIGH7.5
libpcre3
2:8.39-13
No fix yet
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-0215HIGH7.5
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-0464HIGH7.5
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-46828HIGH7.5
libtirpc-common
1.3.1-1
fixed in 1.3.1-1+deb11u1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-46828HIGH7.5
libtirpc3
1.3.1-1
fixed in 1.3.1-1+deb11u1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-4899HIGH7.5
libzstd1
1.4.8+dfsg-2.1
No fix yet
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.12.0
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-46877HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.12.0
fixed in 2.12.6, 2.13.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.12.0
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.12.0
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12023HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
8.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12023HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
8.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.3.0
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.3.0
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.3.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.3.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-3635HIGH7.5
com.squareup.okio:okio
1.6.0
fixed in 3.4.0, 1.17.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.10.5.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.10.5.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2015-2156HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 3.10.3.Final, 3.9.8.Final
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.0.52.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.1.12.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.1.17.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty-codec
4.0.52.Final
fixed in 4.1.68.Final
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty-codec
4.0.52.Final
fixed in 4.1.68.Final
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty-codec
4.1.17.Final
fixed in 4.1.68.Final
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty-codec
4.1.17.Final
fixed in 4.1.68.Final
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11612HIGH7.5
io.netty:netty-handler
4.1.17.Final
fixed in 4.1.46
9.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-26464HIGH7.5
log4j:log4j
1.2.17
fixed in 2.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-1370HIGH7.5
net.minidev:json-smart
2.3
fixed in 2.4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.7.7
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.8.2
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-37866HIGH7.5
org.apache.ivy:ivy
2.4.0
fixed in 2.5.1
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-10099HIGH7.5
org.apache.spark:spark-core_2.11
2.3.0
fixed in 2.3.3
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-1320HIGH7.5
org.apache.thrift:libthrift
0.9.3
fixed in 0.9.3-1, 0.12.0
8.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-0205HIGH7.5
org.apache.thrift:libthrift
0.9.3
fixed in 0.13.0
9.1%
Low-Moderate Risk
Directly Exposed
CVE-2020-13949HIGH7.5
org.apache.thrift:libthrift
0.9.3
fixed in 0.14.0
6.8%
Low-Moderate Risk
Directly Exposed
CVE-2018-8012HIGH7.5
org.apache.zookeeper:zookeeper
3.4.6
fixed in 3.4.10, 3.5.4-beta
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-8012HIGH7.5
org.apache.zookeeper:zookeeper
3.4.9
fixed in 3.4.10, 3.5.4-beta
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-40150HIGH7.5
org.codehaus.jettison:jettison
1.1
fixed in 1.5.2
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-45685HIGH7.5
org.codehaus.jettison:jettison
1.1
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-45693HIGH7.5
org.codehaus.jettison:jettison
1.1
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-1436HIGH7.5
org.codehaus.jettison:jettison
1.1
fixed in 1.5.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-40149HIGH7.5
org.codehaus.jettison:jettison
1.1
fixed in 1.5.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-40150HIGH7.5
org.codehaus.jettison:jettison
1.3.4
fixed in 1.5.2
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-45685HIGH7.5
org.codehaus.jettison:jettison
1.3.4
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-45693HIGH7.5
org.codehaus.jettison:jettison
1.3.4
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-1436HIGH7.5
org.codehaus.jettison:jettison
1.3.4
fixed in 1.5.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-40149HIGH7.5
org.codehaus.jettison:jettison
1.3.4
fixed in 1.5.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2017-7656HIGH7.5
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.3.24.v20180605, 9.4.11.v20180605
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-9735HIGH7.5
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.6.v20170531, 9.3.20.v20170531, 9.2.22.v20170606
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2018-12545HIGH7.5
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.12.v20180830, 9.3.25.v20180904
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2017-7656HIGH7.5
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.3.24.v20180605, 9.4.11.v20180605
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-12545HIGH7.5
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.12.v20180830, 9.3.25.v20180904
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-34455HIGH7.5
org.xerial.snappy:snappy-java
1.0.5
fixed in 1.1.10.1
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-43642HIGH7.5
org.xerial.snappy:snappy-java
1.0.5
fixed in 1.1.10.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-34453HIGH7.5
org.xerial.snappy:snappy-java
1.0.5
fixed in 1.1.10.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34454HIGH7.5
org.xerial.snappy:snappy-java
1.0.5
fixed in 1.1.10.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-34455HIGH7.5
org.xerial.snappy:snappy-java
1.1.4
fixed in 1.1.10.1
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-43642HIGH7.5
org.xerial.snappy:snappy-java
1.1.4
fixed in 1.1.10.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-34453HIGH7.5
org.xerial.snappy:snappy-java
1.1.4
fixed in 1.1.10.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34454HIGH7.5
org.xerial.snappy:snappy-java
1.1.4
fixed in 1.1.10.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-25857HIGH7.5
org.yaml:snakeyaml
1.16
fixed in 1.31
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-0361HIGH7.4
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u3
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-27216HIGH7
org.eclipse.jetty:jetty-webapp
9.3.19.v20170502
fixed in 9.4.33.v20201020, 10.0.0.beta3, 11.0.0.beta3
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-27216HIGH7
org.eclipse.jetty:jetty-webapp
9.3.20.v20170531
fixed in 9.4.33.v20201020, 10.0.0.beta3, 11.0.0.beta3
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-32990MEDIUM6.97
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u8
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-42013MEDIUM6.97
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-5260MEDIUM6.97
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.7%
Theoretical Threat
Directly Exposed
CVE-2021-28169MEDIUM6.89
org.eclipse.jetty:jetty-servlets
9.3.20.v20170531
fixed in 9.4.41, 10.0.3, 11.0.3
78.5%
Actively Exploited
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0861MEDIUM6.88
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM6.88
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.0.52.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.17.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-4304MEDIUM6.79
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
16.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.6.7.1
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.8
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.4
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.10.5.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.10.6.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.6.2.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2023-2650MEDIUM6.76
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
77.9%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2025-54920MEDIUM6.7
org.apache.spark:spark-core_2.11
2.3.0
No fix yet
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-3999MEDIUM6.63
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u4
0.7%
Theoretical Threat
Directly Exposed
CVE-2021-3999MEDIUM6.63
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u4
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libsystemd0
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-29111MEDIUM6.63
libudev1
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2023-36054MEDIUM6.5
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-36054MEDIUM6.5
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u4
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-31159MEDIUM6.5
com.amazonaws:aws-java-sdk-s3
1.11.271
fixed in 1.12.261
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-37533MEDIUM6.5
commons-net:commons-net
3.6
fixed in 3.9.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.10.5.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.71.Final
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.71.Final
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.0.52.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.17.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-11798MEDIUM6.5
org.apache.thrift:libthrift
0.9.3
fixed in 0.12.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-8184MEDIUM6.5
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-8184MEDIUM6.5
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-38749MEDIUM6.5
org.yaml:snakeyaml
1.16
fixed in 1.31
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-38751MEDIUM6.5
org.yaml:snakeyaml
1.16
fixed in 1.31
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38752MEDIUM6.5
org.yaml:snakeyaml
1.16
fixed in 1.32
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41854MEDIUM6.5
org.yaml:snakeyaml
1.16
fixed in 1.32
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-23437MEDIUM6.5
xerces:xercesImpl
2.9.1
fixed in 2.12.2
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2026-33846MEDIUM6.38
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-42009MEDIUM6.38
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u5
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-41409MEDIUM6.38
libpcre2-8-0
10.36-2
No fix yet
1.0%
Theoretical Threat
Directly Exposed
CVE-2025-69421MEDIUM6.38
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28388MEDIUM6.38
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-28389MEDIUM6.38
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-28390MEDIUM6.38
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-34610MEDIUM6.38
com.cedarsoftware:json-io
2.5.1
fixed in 4.14.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.12.0
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.7.8
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.9.4
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.3.0
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.3.0
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.3.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.3.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-52428MEDIUM6.38
com.nimbusds:nimbus-jose-jwt
4.41.1
fixed in 9.37.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-67721MEDIUM6.38
io.airlift:aircompressor
0.10
fixed in 2.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.0.52.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.17.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.0.52.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.0.52.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.17.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.17.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
net.jpountz.lz4:lz4
1.2.0
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34479MEDIUM6.38
org.apache.logging.log4j:log4j-1.2-api
2.17.1
fixed in 2.25.4
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.17.1
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-9823MEDIUM6.38
org.eclipse.jetty:jetty-servlets
9.3.20.v20170531
fixed in 9.4.54, 10.0.18, 11.0.18
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-66566MEDIUM6.38
org.lz4:lz4-java
1.4.0
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-21634MEDIUM6.38
software.amazon.ion:ion-java
1.0.2
fixed in 1.10.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-3833MEDIUM6.29
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42011MEDIUM6.29
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-69419MEDIUM6.29
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-43869MEDIUM6.21
org.apache.thrift:libthrift
0.9.3
fixed in 0.23.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2020-13529MEDIUM6.1
libsystemd0
247.3-7
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-13529MEDIUM6.1
libudev1
247.3-7
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-10241MEDIUM6.1
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-10241MEDIUM6.1
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2026-42012MEDIUM6.03
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
11.0.2
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
14.0.1
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
16.0.1
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
19.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
22.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u13
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u13
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc-bin
2.31-13+deb11u3
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc-bin
2.31-13+deb11u3
No fix yet
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-4806MEDIUM5.9
libc6
2.31-13+deb11u3
No fix yet
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-4813MEDIUM5.9
libc6
2.31-13+deb11u3
No fix yet
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-2236MEDIUM5.9
libgcrypt20
1.8.7-6
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-5981MEDIUM5.9
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u4
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libgssapi-krb5-2
1.18.3-6+deb11u1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libk5crypto3
1.18.3-6+deb11u1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5-3
1.18.3-6+deb11u1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5support0
1.18.3-6+deb11u1
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2025-13151MEDIUM5.9
libtasn1-6
4.16.0-2
No fix yet
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
11.0.2
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
14.0.1
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
16.0.1
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
19.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
22.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.10.5.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.10.6.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.6.2.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-27568MEDIUM5.9
net.minidev:json-smart
2.3
fixed in 1.3.2, 2.4.1, 2.3.1
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-13955MEDIUM5.9
org.apache.calcite:calcite-core
1.16.0
fixed in 1.26.0
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-13955MEDIUM5.9
org.apache.calcite:calcite-druid
1.16.0
fixed in 1.26.0
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-0201MEDIUM5.9
org.apache.zookeeper:zookeeper
3.4.6
fixed in 3.4.14, 3.5.5
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-0201MEDIUM5.9
org.apache.zookeeper:zookeeper
3.4.9
fixed in 3.4.14, 3.5.5
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2026-40490MEDIUM5.78
org.asynchttpclient:async-http-client
2.0.37
fixed in 3.0.9, 2.14.5
0.3%
Theoretical Threat
Directly Exposed
CVE-2009-2625MEDIUM5.75
xerces:xercesImpl
2.9.1
fixed in 2.10.0
30.4%
High Exploitation Risk
Directly Exposed
CVE-2026-4105MEDIUM5.7
libsystemd0
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-4105MEDIUM5.7
libudev1
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42014MEDIUM5.61
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9230MEDIUM5.6
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u4
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2011-3389MEDIUM5.59
libgnutls30
3.7.1-5+deb11u1
No fix yet
73.3%
Actively Exploited
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc-bin
2.31-13+deb11u3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-6238MEDIUM5.52
libc6
2.31-13+deb11u3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-6395MEDIUM5.52
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u8
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u6
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u6
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u6
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u6
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
net.jpountz.lz4:lz4
1.2.0
No fix yet
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-12183MEDIUM5.52
org.lz4:lz4-java
1.4.0
fixed in 1.8.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
2.4
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
2.5
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
2.6
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2024-0727MEDIUM5.5
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
3.3.0
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
3.3.1
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.10.5.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.59.Final
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24823MEDIUM5.5
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.77.Final
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.59.Final
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24823MEDIUM5.5
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.77.Final
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-15250MEDIUM5.5
junit:junit
4.11
fixed in 4.13.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-17521MEDIUM5.5
org.codehaus.groovy:groovy-all
2.4.11
fixed in 2.4.21, 2.5.14, 3.0.7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-11770MEDIUM5.46
org.apache.spark:spark-core_2.11
2.3.0
No fix yet
65.9%
Actively Exploited
Directly Exposed
CVE-2026-40225MEDIUM5.44
libsystemd0
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libsystemd0
247.3-7
fixed in 247.3-7+deb11u8
<0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40225MEDIUM5.44
libudev1
247.3-7
fixed in 247.3-7+deb11u8
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-40226MEDIUM5.44
libudev1
247.3-7
fixed in 247.3-7+deb11u8
<0.1%
Theoretical Threat
Directly Exposed
CVE-2018-8024MEDIUM5.4
org.apache.spark:spark-core_2.11
2.3.0
fixed in 2.1.3, 2.2.2, 2.3.1
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-31777MEDIUM5.4
org.apache.spark:spark-core_2.11
2.3.0
fixed in 3.2.2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010024MEDIUM5.3
libc-bin
2.31-13+deb11u3
No fix yet
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010025MEDIUM5.3
libc-bin
2.31-13+deb11u3
No fix yet
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010024MEDIUM5.3
libc6
2.31-13+deb11u3
No fix yet
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-1010025MEDIUM5.3
libc6
2.31-13+deb11u3
No fix yet
2.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-12243MEDIUM5.3
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u7
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-2097MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-0465MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-0466MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-3446MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1v-0~deb11u1
5.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-3817MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1v-0~deb11u1
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-5678MEDIUM5.3
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-12133MEDIUM5.3
libtasn1-6
4.16.0-2
fixed in 4.16.0-2+deb11u2
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2025-27553MEDIUM5.3
org.apache.commons:commons-vfs2
2.1
fixed in 2.10.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2018-1313MEDIUM5.3
org.apache.derby:derby
10.14.1.0
fixed in 10.14.2.0
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-13956MEDIUM5.3
org.apache.httpcomponents:httpclient
4.5.2
fixed in 4.5.13, 5.0.3
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-40167MEDIUM5.3
org.eclipse.jetty:jetty-http
9.3.19.v20170502
fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-40167MEDIUM5.3
org.eclipse.jetty:jetty-http
9.3.20.v20170531
fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-12536MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.11.v20180605, 9.3.24.v20180605
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-10246MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-10247MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12536MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.11.v20180605, 9.3.24.v20180605
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-10246MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-10247MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-14338MEDIUM5.3
xerces:xercesImpl
2.9.1
fixed in 2.12.0.sp3
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-14104MEDIUM5.18
libblkid1
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libmount1
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libsmartcols1
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-14104MEDIUM5.18
libuuid1
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc-bin
2.31-13+deb11u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5435MEDIUM5.02
libc6
2.31-13+deb11u3
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-15281MEDIUM5.02
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
libgssapi-krb5-2
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libgssapi-krb5-2
1.18.3-6+deb11u1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
libk5crypto3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libk5crypto3
1.18.3-6+deb11u1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
libkrb5-3
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5-3
1.18.3-6+deb11u1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u7
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-40355MEDIUM5.02
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40356MEDIUM5.02
libkrb5support0
1.18.3-6+deb11u1
fixed in 1.18.3-6+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5support0
1.18.3-6+deb11u1
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-69420MEDIUM5.02
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-22796MEDIUM5.02
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-9076MEDIUM5.02
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-7008MEDIUM5.02
libsystemd0
247.3-7
fixed in 247.3-7+deb11u6
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-7008MEDIUM5.02
libudev1
247.3-7
fixed in 247.3-7+deb11u6
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-34477MEDIUM5.02
org.apache.logging.log4j:log4j-core
2.17.1
fixed in 2.25.4
0.4%
Theoretical Threat
Directly Exposed
CVE-2014-0193MEDIUM5
io.netty:netty
3.6.2.Final
fixed in 3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-53864MEDIUM4.93
com.nimbusds:nimbus-jose-jwt
4.41.1
fixed in 10.0.2, 9.37.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
54.0%
Actively Exploited
Directly Exposed
CVE-2022-0563MEDIUM4.67
libblkid1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u12
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u12
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libmount1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2017-16231MEDIUM4.67
libpcre3
2:8.39-13
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libsmartcols1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-22795MEDIUM4.67
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-7383MEDIUM4.67
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.3%
Theoretical Threat
Directly Exposed
CVE-2022-3821MEDIUM4.67
libsystemd0
247.3-7
fixed in 247.3-7+deb11u2
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-4415MEDIUM4.67
libsystemd0
247.3-7
fixed in 247.3-7+deb11u2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-3821MEDIUM4.67
libudev1
247.3-7
fixed in 247.3-7+deb11u2
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-4415MEDIUM4.67
libudev1
247.3-7
fixed in 247.3-7+deb11u2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-0563MEDIUM4.67
libuuid1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-27171MEDIUM4.67
zlib1g
1:1.2.11.dfsg-2+deb11u1
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.17.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.17.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.19
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.4.1
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2022-38750MEDIUM4.67
org.yaml:snakeyaml
1.16
fixed in 1.31
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42496MEDIUM4.64
perl-base
5.32.1-4+deb11u2
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2019-17571MEDIUM4.58
log4j:log4j
1.2.17
No fix yet
69.1%
Actively Exploited
Post-Exploit
CVE-2022-23305MEDIUM4.58
log4j:log4j
1.2.17
No fix yet
67.5%
Actively Exploited
Post-Exploit
CVE-2023-0215MEDIUM4.5
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-0464MEDIUM4.5
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
3.7%
Low-Moderate Risk
Post-Exploit
CVE-2020-11979MEDIUM4.5
org.apache.ant:ant
1.9.1
fixed in 1.10.9
8.1%
Low-Moderate Risk
Post-Exploit
CVE-2026-3184MEDIUM4.5
libblkid1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0915MEDIUM4.5
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-4046MEDIUM4.5
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-28834MEDIUM4.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u6
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-14831MEDIUM4.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u9
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42015MEDIUM4.5
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u10
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-34743MEDIUM4.5
liblzma5
5.2.5-2.1~deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libmount1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libsmartcols1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42766MEDIUM4.5
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libsystemd0
247.3-7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libsystemd0
247.3-7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libsystemd0
247.3-7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-31437MEDIUM4.5
libudev1
247.3-7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31438MEDIUM4.5
libudev1
247.3-7
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2023-31439MEDIUM4.5
libudev1
247.3-7
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-3184MEDIUM4.5
libuuid1
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.0.52.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.17.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
9.3.19.v20170502
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
9.3.20.v20170531
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-28085MEDIUM4.4
libblkid1
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libmount1
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libsmartcols1
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libuuid1
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-29131MEDIUM4.4
org.apache.commons:commons-configuration2
2.1.1
fixed in 2.10.1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-29133MEDIUM4.4
org.apache.commons:commons-configuration2
2.1.1
fixed in 2.10.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.4
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.5
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.6
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2026-42250MEDIUM4.25
libbz2-1.0
1.0.8-4
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
libc-bin
2.31-13+deb11u3
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
libc-bin
2.31-13+deb11u3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-5450MEDIUM4.25
libc6
2.31-13+deb11u3
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-5928MEDIUM4.25
libc6
2.31-13+deb11u3
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-28835MEDIUM4.25
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u6
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
libgssapi-krb5-2
1.18.3-6+deb11u1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
libk5crypto3
1.18.3-6+deb11u1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
libkrb5-3
1.18.3-6+deb11u1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-11850MEDIUM4.25
libkrb5support0
1.18.3-6+deb11u1
No fix yet
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-34180MEDIUM4.25
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-28387MEDIUM4.13
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.6%
Theoretical Threat
Post-Exploit
CVE-2023-4039MEDIUM4.08
libgcc-s1
10.2.1-6
No fix yet
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-4039MEDIUM4.08
libstdc++6
10.2.1-6
No fix yet
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.17.1
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-4304MEDIUM4.07
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
16.2%
High Exploitation Risk
Post-Exploit
CVE-2019-8457MEDIUM4.06
libdb5.3
5.3.28+dfsg1-0.8
No fix yet
45.4%
High Exploitation Risk
Post-Exploit
CVE-2022-37434MEDIUM4.06
zlib1g
1:1.2.11.dfsg-2+deb11u1
fixed in 1:1.2.11.dfsg-2+deb11u2
15.9%
High Exploitation Risk
Post-Exploit
CVE-2026-27456MEDIUM4
libblkid1
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libmount1
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libsmartcols1
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u3
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-68160MEDIUM4
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4598MEDIUM4
libsystemd0
247.3-7
fixed in 247.3-7+deb11u7
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-4598MEDIUM4
libudev1
247.3-7
fixed in 247.3-7+deb11u7
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-27456MEDIUM4
libuuid1
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Directly Exposed
CVE-2018-1334MEDIUM4
org.apache.spark:spark-core_2.11
2.3.0
fixed in 2.1.3, 2.2.2, 2.3.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2010-4756MEDIUM4
libc-bin
2.31-13+deb11u3
No fix yet
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-33601MEDIUM4
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2010-4756MEDIUM4
libc6
2.31-13+deb11u3
No fix yet
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-33601MEDIUM4
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-3715LOW3.98
bash
5.1-2+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2020-16156LOW3.98
perl-base
5.32.1-4+deb11u2
fixed in 5.32.1-4+deb11u4
0.8%
Theoretical Threat
Post-Exploit
CVE-2023-47038LOW3.98
perl-base
5.32.1-4+deb11u2
fixed in 5.32.1-4+deb11u3
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-48962LOW3.98
perl-base
5.32.1-4+deb11u2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-69421LOW3.82
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28388LOW3.82
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-28389LOW3.82
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-28390LOW3.82
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u7
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-42497LOW3.82
perl-base
5.32.1-4+deb11u2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-9538LOW3.82
perl-base
5.32.1-4+deb11u2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2020-1945LOW3.78
org.apache.ant:ant
1.9.1
fixed in 1.9.15, 1.10.8
1.9%
Low-Moderate Risk
Post-Exploit
CVE-2025-69419LOW3.77
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.4%
Theoretical Threat
Post-Exploit
CVE-2011-3374LOW3.7
libapt-pkg6.0
2.2.4
No fix yet
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-9143LOW3.7
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.4
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.9
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2013-7397LOW3.65
com.ning:async-http-client
1.8.16
fixed in 1.9.0
1.0%
Theoretical Threat
Directly Exposed
CVE-2013-7398LOW3.65
com.ning:async-http-client
1.8.16
fixed in 1.9.0
0.8%
Theoretical Threat
Directly Exposed
CVE-2005-2541LOW3.6
tar
1.34+dfsg-1
No fix yet
4.0%
Low-Moderate Risk
Post-Exploit
CVE-2025-68973LOW3.57
gpgv
2.2.27-2+deb11u2
fixed in 2.2.27-2+deb11u3
0.1%
Theoretical Threat
Post-Exploit
CVE-2025-8058LOW3.57
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-8058LOW3.57
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u14
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-5535LOW3.54
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2024-33602LOW3.4
libc-bin
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-33602LOW3.4
libc6
2.31-13+deb11u3
fixed in 2.31-13+deb11u10
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-9820LOW3.4
libgnutls30
3.7.1-5+deb11u1
fixed in 3.7.1-5+deb11u9
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-69418LOW3.4
libssl1.1
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.1%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.12.0
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.7.8
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.9.4
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-45536LOW3.4
io.netty:netty-transport-native-epoll
4.0.52.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-9230LOW3.36
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u4
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2024-4741LOW3.36
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2016-2781LOW3.31
coreutils
8.32-4+b1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-15649LOW3.31
perl-base
5.32.1-4+deb11u2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-0727LOW3.3
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
3.2%
Low-Moderate Risk
Post-Exploit
CVE-2022-48303LOW3.3
tar
1.34+dfsg-1
fixed in 1.34+dfsg-1+deb11u1
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2021-36373LOW3.3
org.apache.ant:ant
1.9.1
fixed in 1.9.16, 1.10.11
2.5%
Low-Moderate Risk
Post-Exploit
CVE-2021-36374LOW3.3
org.apache.ant:ant
1.9.1
fixed in 1.9.16, 1.10.11
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2026-5958LOW3.21
sed
4.7-1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2022-2097LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
2.0%
Low-Moderate Risk
Post-Exploit
CVE-2023-0465LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-0466LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u5
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-3446LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1v-0~deb11u1
5.5%
Low-Moderate Risk
Post-Exploit
CVE-2023-3817LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1v-0~deb11u1
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-5678LOW3.18
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
4.5%
Low-Moderate Risk
Post-Exploit
CVE-2025-14104LOW3.11
bsdutils
1:2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
mount
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-14104LOW3.11
util-linux
2.36.1-8+deb11u1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2022-4450LOW3.1
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1n-0+deb11u4
20.4%
High Exploitation Risk
Post-Exploit
CVE-2023-36479LOW3.1
org.eclipse.jetty:jetty-servlets
9.3.20.v20170531
fixed in 9.4.52, 10.0.16, 11.0.16
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2025-69420LOW3.01
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.8%
Theoretical Threat
Post-Exploit
CVE-2026-22796LOW3.01
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-9076LOW3.01
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-40909LOW3.01
perl-base
5.32.1-4+deb11u2
fixed in 5.32.1-4+deb11u5
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-8376LOW3
perl-base
5.32.1-4+deb11u2
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
9.3.19.v20170502
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
9.3.20.v20170531
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-45447LOW2.92
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2023-31484LOW2.92
perl-base
5.32.1-4+deb11u2
fixed in 5.32.1-4+deb11u4
1.6%
Low-Moderate Risk
Post-Exploit
CVE-2023-31486LOW2.92
perl-base
5.32.1-4+deb11u2
No fix yet
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2024-2511LOW2.89
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
54.0%
Actively Exploited
Post-Exploit
CVE-2022-1304LOW2.81
e2fsprogs
1.46.2-2
fixed in 1.46.2-2+deb11u1
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2022-1304LOW2.81
logsave
1.46.2-2
fixed in 1.46.2-2+deb11u1
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2022-0563LOW2.8
bsdutils
1:2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-4641LOW2.8
login
1:4.8.1-1
fixed in 1:4.8.1-1+deb11u1
0.3%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
mount
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-22795LOW2.8
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-7383LOW2.8
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-4641LOW2.8
passwd
1:4.8.1-1
fixed in 1:4.8.1-1+deb11u1
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-5704LOW2.8
tar
1.34+dfsg-1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-0563LOW2.8
util-linux
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-4016LOW2.8
libprocps8
2:3.3.17-5
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2021-36084LOW2.8
libsepol1
3.1-1
fixed in 3.1-1+deb11u1
0.5%
Theoretical Threat
Directly Exposed
CVE-2021-36085LOW2.8
libsepol1
3.1-1
fixed in 3.1-1+deb11u1
0.5%
Theoretical Threat
Directly Exposed
CVE-2021-36086LOW2.8
libsepol1
3.1-1
fixed in 3.1-1+deb11u1
0.6%
Theoretical Threat
Directly Exposed
CVE-2021-36087LOW2.8
libsepol1
3.1-1
fixed in 3.1-1+deb11u1
0.5%
Theoretical Threat
Directly Exposed
CVE-2013-4392LOW2.8
libsystemd0
247.3-7
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libsystemd0
247.3-7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2013-4392LOW2.8
libudev1
247.3-7
No fix yet
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-40228LOW2.8
libudev1
247.3-7
No fix yet
0.2%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
11.0.2
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
14.0.1
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
16.0.1
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
19.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
22.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-3184LOW2.7
bsdutils
1:2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
mount
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-42766LOW2.7
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.6%
Theoretical Threat
Post-Exploit
CVE-2026-12087LOW2.7
perl-base
5.32.1-4+deb11u2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2026-3184LOW2.7
util-linux
2.36.1-8+deb11u1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-28085LOW2.64
bsdutils
1:2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
mount
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
util-linux
2.36.1-8+deb11u1
fixed in 2.36.1-8+deb11u2
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2026-34180LOW2.55
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u8
0.5%
Theoretical Threat
Post-Exploit
CVE-2026-48959LOW2.55
perl-base
5.32.1-4+deb11u2
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-48961LOW2.55
perl-base
5.32.1-4+deb11u2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2007-5686LOW2.5
login
1:4.8.1-1
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2007-5686LOW2.5
passwd
1:4.8.1-1
No fix yet
0.9%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
bsdutils
1:2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2017-18018LOW2.4
coreutils
8.32-4+b1
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2025-30258LOW2.4
gpgv
2.2.27-2+deb11u2
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2025-68972LOW2.4
gpgv
2.2.27-2+deb11u2
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2013-4235LOW2.4
login
1:4.8.1-1
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
mount
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-13176LOW2.4
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u3
0.6%
Theoretical Threat
Post-Exploit
CVE-2025-68160LOW2.4
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.2%
Theoretical Threat
Post-Exploit
CVE-2013-4235LOW2.4
passwd
1:4.8.1-1
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-27456LOW2.4
util-linux
2.36.1-8+deb11u1
No fix yet
0.1%
Theoretical Threat
Post-Exploit
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
9.3.19.v20170502
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
9.3.20.v20170531
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-5278LOW2.24
coreutils
8.32-4+b1
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2011-3374LOW2.22
apt
2.2.4
No fix yet
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-9143LOW2.22
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u2
6.0%
Low-Moderate Risk
Post-Exploit
CVE-2025-69418LOW2.04
openssl
1.1.1n-0+deb11u3
fixed in 1.1.1w-0+deb11u5
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
login
1:4.8.1-1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-56433LOW1.84
passwd
1:4.8.1-1
No fix yet
0.4%
Theoretical Threat
Post-Exploit
CVE-2022-3219LOW1.68
gpgv
2.2.27-2+deb11u2
No fix yet
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-29383LOW1.68
login
1:4.8.1-1
fixed in 1:4.8.1-1+deb11u1
0.4%
Theoretical Threat
Post-Exploit
CVE-2023-29383LOW1.68
passwd
1:4.8.1-1
fixed in 1:4.8.1-1+deb11u1
0.4%
Theoretical Threat
Post-Exploit
CVE-2011-4116LOW1.68
perl-base
5.32.1-4+deb11u2
No fix yet
0.5%
Theoretical Threat
Post-Exploit
CVE-2023-4016LOW1.68
procps
2:3.3.17-5
No fix yet
0.2%
Theoretical Threat
Post-Exploit
CVE-2023-39804LOW1.68
tar
1.34+dfsg-1
fixed in 1.34+dfsg-1+deb11u1
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-29491NONE0
libncurses6
6.2+20201114-2+deb11u1
fixed in 6.2+20201114-2+deb11u2
0.9%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libncurses6
6.2+20201114-2+deb11u1
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
libncursesw6
6.2+20201114-2+deb11u1
fixed in 6.2+20201114-2+deb11u2
0.9%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libncursesw6
6.2+20201114-2+deb11u1
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6020NONE0
libpam-modules
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6020NONE0
libpam-modules-bin
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6020NONE0
libpam-runtime
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.4%
Theoretical Threat
Not Applicable
CVE-2025-6020NONE0
libpam0g
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.4%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
libtinfo6
6.2+20201114-2+deb11u1
fixed in 6.2+20201114-2+deb11u2
0.9%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
libtinfo6
6.2+20201114-2+deb11u1
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
ncurses-base
6.2+20201114-2
fixed in 6.2+20201114-2+deb11u2
0.9%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-base
6.2+20201114-2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2023-29491NONE0
ncurses-bin
6.2+20201114-2
fixed in 6.2+20201114-2+deb11u2
0.9%
Theoretical Threat
Not Applicable
CVE-2025-69720NONE0
ncurses-bin
6.2+20201114-2
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2017-15288NONE0
org.scala-lang:scala-compiler
2.11.0
fixed in 2.10.7, 2.11.12, 2.12.4
0.4%
Theoretical Threat
Not Applicable
CVE-2022-29458NONE0
ncurses-base
6.2+20201114-2
fixed in 6.2+20201114-2+deb11u1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2022-29458NONE0
ncurses-bin
6.2+20201114-2
fixed in 6.2+20201114-2+deb11u1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2023-50495NONE0
libncurses6
6.2+20201114-2+deb11u1
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
libncursesw6
6.2+20201114-2+deb11u1
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
libtinfo6
6.2+20201114-2+deb11u1
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-base
6.2+20201114-2
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2023-50495NONE0
ncurses-bin
6.2+20201114-2
No fix yet
1.0%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam-modules
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam-modules-bin
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam-runtime
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.5%
Theoretical Threat
Not Applicable
CVE-2024-22365NONE0
libpam0g
1.4.0-9+deb11u1
fixed in 1.4.0-9+deb11u2
0.5%
Theoretical Threat
Not Applicable
CVE-2023-4039NONE0
gcc-10-base
10.2.1-6
No fix yet
0.7%
Theoretical Threat
Not Applicable
CVE-2023-4039NONE0
gcc-9-base
9.3.0-22
No fix yet
0.7%
Theoretical Threat
Not Applicable
CVE-2026-54411NONE0
libpam-modules
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-54411NONE0
libpam-modules-bin
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-54411NONE0
libpam-runtime
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-54411NONE0
libpam0g
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2024-10041NONE0
libpam-modules
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2024-10041NONE0
libpam-modules-bin
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2024-10041NONE0
libpam-runtime
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2024-10041NONE0
libpam0g
1.4.0-9+deb11u1
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2025-48924NONE0
commons-lang:commons-lang
2.6
No fix yet
2.2%
Low-Moderate Risk
Not Applicable
CVE-2025-6141NONE0
libncurses6
6.2+20201114-2+deb11u1
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
libncursesw6
6.2+20201114-2+deb11u1
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
libtinfo6
6.2+20201114-2+deb11u1
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-base
6.2+20201114-2
No fix yet
0.2%
Theoretical Threat
Not Applicable
CVE-2025-6141NONE0
ncurses-bin
6.2+20201114-2
No fix yet
0.2%
Theoretical Threat
Not Applicable
TEMP-0841856-B18BAFNONE0
bash
5.1-2+deb11u1
No fix yet
Not Applicable
CVE-2026-53613NONE0
bsdutils
1:2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
bsdutils
1:2.36.1-8+deb11u1
No fix yet
Not Applicable
DLA-4485-1NONE0
ca-certificates
20210119
fixed in 20230311+deb12u1~deb11u1
Not Applicable
CVE-2025-6297NONE0
dpkg
1.20.11
No fix yet
0.3%
Theoretical Threat
Not Applicable
CVE-2026-53613NONE0
libblkid1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
libblkid1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53613NONE0
libmount1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
libmount1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53613NONE0
libsmartcols1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
libsmartcols1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2025-27587NONE0
libssl1.1
1.1.1n-0+deb11u3
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2026-53613NONE0
libuuid1
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
libuuid1
2.36.1-8+deb11u1
No fix yet
Not Applicable
TEMP-0628843-DBAD28NONE0
login
1:4.8.1-1
No fix yet
Not Applicable
CVE-2026-53613NONE0
mount
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
mount
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2025-27587NONE0
openssl
1.1.1n-0+deb11u3
No fix yet
0.4%
Theoretical Threat
Not Applicable
TEMP-0628843-DBAD28NONE0
passwd
1:4.8.1-1
No fix yet
Not Applicable
CVE-2026-7010NONE0
perl-base
5.32.1-4+deb11u2
No fix yet
0.2%
Theoretical Threat
Not Applicable
TEMP-0517018-A83CE6NONE0
sysvinit-utils
2.96-7+deb11u1
No fix yet
Not Applicable
TEMP-0290435-0B57B5NONE0
tar
1.34+dfsg-1
No fix yet
Not Applicable
DLA-3972-1NONE0
tzdata
2021a-1+deb11u4
fixed in 2024b-0+deb11u1
Not Applicable
DLA-4085-1NONE0
tzdata
2021a-1+deb11u4
fixed in 2025a-0+deb11u1
Not Applicable
DLA-4105-1NONE0
tzdata
2021a-1+deb11u4
fixed in 2025b-0+deb11u1
Not Applicable
DLA-4403-1NONE0
tzdata
2021a-1+deb11u4
fixed in 2025b-0+deb11u2
Not Applicable
DLA-4569-1NONE0
tzdata
2021a-1+deb11u4
fixed in 2026b-0+deb11u1
Not Applicable
CVE-2026-53613NONE0
util-linux
2.36.1-8+deb11u1
No fix yet
Not Applicable
CVE-2026-53615NONE0
util-linux
2.36.1-8+deb11u1
No fix yet
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.12.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.7.8
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.9.4
fixed in 2.21.1, 2.18.6
Not Applicable
CVE-2024-36114NONE0
io.airlift:aircompressor
0.10
fixed in 0.27
0.5%
Theoretical Threat
Not Applicable
CVE-2026-42583NONE0
io.netty:netty-codec
4.0.52.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42583NONE0
io.netty:netty-codec
4.1.17.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Not Applicable
CVE-2025-30474NONE0
org.apache.commons:commons-vfs2
2.1
fixed in 2.10.0
0.7%
Theoretical Threat
Not Applicable
CVE-2024-23454NONE0
org.apache.hadoop:hadoop-common
3.1.0
fixed in 3.4.0
0.4%
Theoretical Threat
Not Applicable
CVE-2024-29869NONE0
org.apache.hive:hive-exec
3.1.3
fixed in 4.0.1
0.3%
Theoretical Threat
Not Applicable
CVE-2024-23953NONE0
org.apache.hive:hive-llap-common
3.1.3
fixed in 4.0.0
1.1%
Low-Moderate Risk
Not Applicable
CVE-2024-23945NONE0
org.apache.hive:hive-service
3.1.3
fixed in 4.0.0
1.4%
Low-Moderate Risk
Not Applicable
CVE-2026-45300NONE0
org.asynchttpclient:async-http-client
2.0.37
fixed in 3.0.10, 2.15.0
0.3%
Theoretical Threat
Not Applicable
GHSA-58qw-p7qm-5rvhNONE0
org.eclipse.jetty:jetty-xml
9.3.19.v20170502
fixed in 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
Not Applicable
GHSA-58qw-p7qm-5rvhNONE0
org.eclipse.jetty:jetty-xml
9.3.20.v20170531
fixed in 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
Not Applicable