Vulnerability Reportapache/zeppelin:0.11.0

apache/zeppelin:0.11.0
DIGESTsha256:073da47d69effc8ad281ea5a4c802372e33b45e813440649966a2e4445136fc9

Executive Summary

Threat Score
100/100DANGEROUS
Reputation
RELIABLE

This image poses a critical security risk and must not be used in production, especially as an internet-facing service. An attacker could achieve remote code execution via Log4Shell (CVE-2021-44228) by sending a crafted JNDI string in log messages, bypass the Jinjava template sandbox (CVE-2025-59340) to read local files or execute code, or exploit jackson-databind deserialization (CVE-2018-14721) through the Zeppelin REST API. Setting the JNDI lookup disabled flag (log4j2.formatMsgNoLookups=true) fully mitigates CVE-2021-44228, but the jinjava and jackson-databind vulnerabilities require library updates; no other compensating controls fully eliminate the risk without patching.

Vulnerabilities

Vulnerability Log

1328 total
CVE IDAdjusted SeverityPackageExploit ProbabilityRisk Context
CVE-2018-14721CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
10.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14721CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
10.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14721CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
10.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2025-59340CRITICAL10
com.hubspot.jinjava:jinjava
2.4.0
fixed in 2.8.1, 2.7.5
2.3%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2025-59340CRITICAL10
com.hubspot.jinjava:jinjava
2.4.12
fixed in 2.8.1, 2.7.5
2.3%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2025-59340CRITICAL10
com.hubspot.jinjava:jinjava
2.5.4
fixed in 2.8.1, 2.7.5
2.3%
Low-Moderate Risk
Directly ExposedContext importance: HIGH
CVE-2021-44228CRITICAL10
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.15.0, 2.3.1, 2.12.2
100.0%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2024-47175CRITICAL10
libcups2
2.3.1-9ubuntu1.6
fixed in 2.3.1-9ubuntu1.9
73.1%
Actively Exploited
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7525CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14718CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19362CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7525CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14718CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19362CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7525CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14718CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19360CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.8, 2.8.11.3, 2.7.9.5
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19361CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.7.9.5, 2.9.8, 2.8.11.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19362CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14718CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19360CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.8, 2.8.11.3, 2.7.9.5
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19361CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.7.9.5, 2.9.8, 2.8.11.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19362CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2017-17485CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.4, 2.8.11, 2.7.9.2
50.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7525CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.1, 2.7.9.1, 2.8.9
37.9%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-14718CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3
12.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19360CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.8, 2.8.11.3, 2.7.9.5
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19361CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.7.9.5, 2.9.8, 2.8.11.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-19362CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3
10.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2018-7489CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
20.5%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2019-14540CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
10.7%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-8840CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3
26.6%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2020-9547CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.7%
High Exploitation Risk
Directly Exposed
CVE-2020-9548CRITICAL10
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4, 2.8.11.6, 2.7.9.7
18.3%
High Exploitation Risk
Directly Exposed
CVE-2019-17195CRITICAL10
com.nimbusds:nimbus-jose-jwt
4.41.2
fixed in 7.9
11.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2022-23305CRITICAL10
log4j:log4j
1.2.17
No fix yet
67.5%
Actively Exploited
Directly Exposed
CVE-2015-7501CRITICAL10
org.apache.commons:commons-collections4
4.0
fixed in 4.1
83.3%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2015-6420CRITICAL10
org.apache.commons:commons-collections4
4.0
fixed in 4.1
18.8%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2022-33980CRITICAL10
org.apache.commons:commons-configuration2
2.7
fixed in 2.8.0
34.8%
High Exploitation Risk
Directly Exposed
CVE-2022-42889CRITICAL10
org.apache.commons:commons-text
1.8
fixed in 1.10.0
99.9%
Actively Exploited
Directly Exposed
CVE-2021-41303CRITICAL10
org.apache.shiro:shiro-core
1.7.0
fixed in 1.8.0
75.6%
Actively Exploited
Directly Exposed
CVE-2022-32532CRITICAL10
org.apache.shiro:shiro-core
1.7.0
fixed in 1.9.1
20.1%
High Exploitation Risk
Directly Exposed
CVE-2020-17523CRITICAL10
org.apache.shiro:shiro-web
1.7.0
fixed in 1.7.1
85.9%
Actively Exploited
Directly ExposedContext importance: HIGH
CVE-2017-7657CRITICAL10
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.2.25.v20180606, 9.3.24.v20180605
16.2%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7658CRITICAL10
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.2.25.v20180606, 9.3.24.v20180605, 9.4.11.v20180605
21.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7657CRITICAL10
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.2.25.v20180606, 9.3.24.v20180605
16.2%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2017-7658CRITICAL10
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.2.25.v20180606, 9.3.24.v20180605, 9.4.11.v20180605
21.0%
High Exploitation Risk
Directly ExposedContext importance: HIGH
CVE-2022-1471CRITICAL10
org.yaml:snakeyaml
1.15
fixed in 2.0
99.6%
Actively Exploited
Directly Exposed
CVE-2022-1471CRITICAL10
org.yaml:snakeyaml
1.26
fixed in 2.0
99.6%
Actively Exploited
Directly Exposed
CVE-2022-1471CRITICAL10
org.yaml:snakeyaml
1.9
fixed in 2.0
99.6%
Actively Exploited
Directly Exposed
CVE-2023-47248CRITICAL10
pyarrow
9.0.0
fixed in 14.0.1
18.3%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.10.6.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.4.0.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.6.2.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.7.0.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty
3.9.9.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty-handler
4.1.0.CR1
fixed in 4.1.45
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty-handler
4.1.27.Final
fixed in 4.1.45
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
io.netty:netty-handler
4.1.8.Final
fixed in 4.1.45
13.5%
High Exploitation Risk
Directly Exposed
CVE-2019-20445CRITICAL10
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
13.5%
High Exploitation Risk
Directly Exposed
CVE-2024-3596CRITICAL10
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Directly Exposed
CVE-2024-3596CRITICAL10
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Directly Exposed
CVE-2024-3596CRITICAL10
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Directly Exposed
CVE-2024-3596CRITICAL10
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Directly Exposed
CVE-2021-45046CRITICAL10
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.16.0, 2.12.2
100.0%
Actively Exploited
Directly Exposed
CVE-2024-2961CRITICAL10
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly Exposed
CVE-2024-2961CRITICAL10
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Directly Exposed
CVE-2022-23307CRITICAL10
log4j:log4j
1.2.17
No fix yet
52.5%
Actively Exploited
Directly Exposed
CVE-2022-23302CRITICAL10
log4j:log4j
1.2.17
No fix yet
61.8%
Actively Exploited
Directly Exposed
CVE-2023-4863CRITICAL10
Pillow
9.2.0
fixed in 10.0.1
99.7%
Actively Exploited
Directly Exposed
CVE-2016-1585CRITICAL9.8
libapparmor1
2.13.3-7ubuntu5.3
fixed in 2.13.3-7ubuntu5.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-45491CRITICAL9.8
libexpat1
2.2.9-1ubuntu0.6
fixed in 2.2.9-1ubuntu0.7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-45492CRITICAL9.8
libexpat1
2.2.9-1ubuntu0.6
fixed in 2.2.9-1ubuntu0.7
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14720CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14720CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-15095CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11307CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14719CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
9.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-14720CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.7, 2.8.11.3, 2.7.9.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9546CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9546CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-14893CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-14379CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-16335CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-16942CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-16943CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2019-17267CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10, 2.8.11.5
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-17531CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.1, 2.8.11.5, 2.6.7.3
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-20330CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2
8.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9546CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
4.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-14892CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.6.7.3, 2.8.11.5, 2.9.10
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-14893CRITICAL9.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2014-125087CRITICAL9.8
com.jamesmurty.utils:java-xmlbuilder
0.4
fixed in 1.2
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-23848CRITICAL9.8
org.alluxio:alluxio-core-common
1.0.0
fixed in 2.7.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-39135CRITICAL9.8
org.apache.calcite:calcite-core
1.2.0-incubating
fixed in 1.32.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-37404CRITICAL9.8
org.apache.hadoop:hadoop-common
2.3.0
fixed in 3.3.2, 3.2.3, 2.10.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-25168CRITICAL9.8
org.apache.hadoop:hadoop-common
2.3.0
fixed in 2.10.2, 3.2.4, 3.3.3
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-26612CRITICAL9.8
org.apache.hadoop:hadoop-common
2.3.0
fixed in 3.2.3, 2.10.2, 3.3.3
4.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-37404CRITICAL9.8
org.apache.hadoop:hadoop-common
2.5.1
fixed in 3.3.2, 3.2.3, 2.10.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-25168CRITICAL9.8
org.apache.hadoop:hadoop-common
2.5.1
fixed in 2.10.2, 3.2.4, 3.3.3
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-26612CRITICAL9.8
org.apache.hadoop:hadoop-common
2.5.1
fixed in 3.2.3, 2.10.2, 3.3.3
4.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-37404CRITICAL9.8
org.apache.hadoop:hadoop-common
2.6.5
fixed in 3.3.2, 3.2.3, 2.10.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-25168CRITICAL9.8
org.apache.hadoop:hadoop-common
2.6.5
fixed in 2.10.2, 3.2.4, 3.3.3
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-26612CRITICAL9.8
org.apache.hadoop:hadoop-common
2.6.5
fixed in 3.2.3, 2.10.2, 3.3.3
4.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-37404CRITICAL9.8
org.apache.hadoop:hadoop-common
2.7.7
fixed in 3.3.2, 3.2.3, 2.10.2
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-25168CRITICAL9.8
org.apache.hadoop:hadoop-common
2.7.7
fixed in 2.10.2, 3.2.4, 3.3.3
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-26612CRITICAL9.8
org.apache.hadoop:hadoop-common
2.7.7
fixed in 3.2.3, 2.10.2, 3.3.3
4.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-40664CRITICAL9.8
org.apache.shiro:shiro-core
1.7.0
fixed in 1.10.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-34478CRITICAL9.8
org.apache.shiro:shiro-web
1.7.0
fixed in 1.12.0, 2.0.0-alpha-3
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-47937CRITICAL9.8
org.apache.sling:org.apache.sling.commons.json
2.0.6
No fix yet
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2018-17190CRITICAL9.8
org.apache.spark:spark-core_2.10
1.6.2
No fix yet
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-17190CRITICAL9.8
org.apache.spark:spark-core_2.10
1.6.3
No fix yet
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-17190CRITICAL9.8
org.apache.spark:spark-core_2.11
2.4.5
No fix yet
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-10202CRITICAL9.8
org.codehaus.jackson:jackson-mapper-asl
1.9.13
No fix yet
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-4104CRITICAL9.75
log4j:log4j
1.2.17
No fix yet
81.1%
Actively Exploited
Directly Exposed
CVE-2015-2080CRITICAL9.75
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.2.9.v20150224
74.9%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2015-2080CRITICAL9.75
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.2.9.v20150224
74.9%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
9.3.27.v20190418
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2021-28165CRITICAL9.75
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.39, 10.0.2, 11.0.2
53.9%
Actively Exploited
Directly Exposed
CVE-2023-0286CRITICAL9.62
cryptography
3.2.1
fixed in 39.0.1
62.0%
Actively Exploited
Directly Exposed
CVE-2025-27363CRITICAL9.31
libfreetype6
2.10.1-2ubuntu0.3
fixed in 2.10.1-2ubuntu0.4
23.4%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2020-35728CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
12.5%
High Exploitation Risk
Directly Exposed
CVE-2020-36179CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
20.9%
High Exploitation Risk
Directly Exposed
CVE-2020-36184CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
10.4%
High Exploitation Risk
Directly Exposed
CVE-2020-36188CRITICAL9.31
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
10.9%
High Exploitation Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2024-37371CRITICAL9.1
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-7692CRITICAL9.1
com.google.oauth-client:google-oauth-client
1.23.0
fixed in 1.31.0
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-7692CRITICAL9.1
com.google.oauth-client:google-oauth-client
1.30.5
fixed in 1.31.0
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-36437CRITICAL9.1
com.hazelcast.jet:hazelcast-jet
0.6.1
fixed in 4.5.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-36437CRITICAL9.1
com.hazelcast:hazelcast
3.10
fixed in 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.10.6.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.4.0.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.6.2.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.7.0.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty
3.9.9.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.44
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.44
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.44
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-1963CRITICAL9.1
org.apache.ignite:ignite-core
2.7.6
fixed in 2.8.1
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2019-20444CRITICAL9.1
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36242CRITICAL9.1
cryptography
3.2.1
fixed in 3.3.2
6.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-52577CRITICAL9
org.apache.ignite:ignite-core
2.7.6
fixed in 2.17.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10672HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10968HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-10969HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11111HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11112HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11113HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
6.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-10672HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10968HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-10969HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11111HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11112HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11113HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
6.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-10672HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10673HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4, 2.6.7.4
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10968HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-10969HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11111HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-11112HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11113HIGH8.8
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
6.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48734HIGH8.8
commons-beanutils:commons-beanutils
1.9.4
fixed in 1.11.0
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.7.4
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.7.5
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.7.7
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.8.1
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-47561HIGH8.8
org.apache.avro:avro
1.8.2
fixed in 1.11.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2016-6811HIGH8.8
org.apache.hadoop:hadoop-common
2.3.0
fixed in 2.7.4
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9492HIGH8.8
org.apache.hadoop:hadoop-common
2.3.0
fixed in 3.2.2, 3.1.4, 2.10.1
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2016-6811HIGH8.8
org.apache.hadoop:hadoop-common
2.5.1
fixed in 2.7.4
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9492HIGH8.8
org.apache.hadoop:hadoop-common
2.5.1
fixed in 3.2.2, 3.1.4, 2.10.1
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2016-6811HIGH8.8
org.apache.hadoop:hadoop-common
2.6.5
fixed in 2.7.4
2.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-9492HIGH8.8
org.apache.hadoop:hadoop-common
2.6.5
fixed in 3.2.2, 3.1.4, 2.10.1
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-9492HIGH8.8
org.apache.hadoop:hadoop-common
2.7.7
fixed in 3.2.2, 3.1.4, 2.10.1
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-33036HIGH8.8
org.apache.hadoop:hadoop-yarn-server-common
2.3.0
fixed in 2.10.2, 3.2.3, 3.3.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-33036HIGH8.8
org.apache.hadoop:hadoop-yarn-server-common
2.6.0
fixed in 2.10.2, 3.2.3, 3.3.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-33036HIGH8.8
org.apache.hadoop:hadoop-yarn-server-common
2.6.5
fixed in 2.10.2, 3.2.3, 3.3.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-33036HIGH8.8
org.apache.hadoop:hadoop-yarn-server-common
2.7.7
fixed in 2.10.2, 3.2.3, 3.3.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-4759HIGH8.8
org.eclipse.jgit:org.eclipse.jgit
4.5.4.201711221230-r
fixed in 6.6.1.202309021850-r, 5.13.3.202401111512-r
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-39286HIGH8.8
jupyter_core
4.11.1
fixed in 4.11.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.10.3
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-12086HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3
21.9%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2019-14439HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3
10.8%
High Exploitation Risk
Directly Exposed
CVE-2020-25649HIGH8.62
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.6.7.4, 2.9.10.7, 2.10.5.1
17.6%
High Exploitation Risk
Directly Exposed
CVE-2022-25647HIGH8.62
com.google.code.gson:gson
2.8.5
fixed in 2.8.9
12.0%
High Exploitation Risk
Directly Exposed
CVE-2022-25647HIGH8.62
com.google.code.gson:gson
2.8.6
fixed in 2.8.9
12.0%
High Exploitation Risk
Directly Exposed
CVE-2016-4970HIGH8.62
io.netty:netty-handler
4.1.0.CR1
fixed in 4.0.37.Final, 4.1.1.Final
11.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.14
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.14
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.14
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.14
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2019-12402HIGH8.62
org.apache.commons:commons-compress
1.18
fixed in 1.19
16.2%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.18
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.18
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.18
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.18
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.4.1
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.5
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.5
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.5
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.5
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.8.1
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.8.1
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.8.1
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.8.1
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2021-35515HIGH8.62
org.apache.commons:commons-compress
1.9
fixed in 1.21
11.9%
High Exploitation Risk
Directly Exposed
CVE-2021-35516HIGH8.62
org.apache.commons:commons-compress
1.9
fixed in 1.21
12.7%
High Exploitation Risk
Directly Exposed
CVE-2021-35517HIGH8.62
org.apache.commons:commons-compress
1.9
fixed in 1.21
10.9%
High Exploitation Risk
Directly Exposed
CVE-2021-36090HIGH8.62
org.apache.commons:commons-compress
1.9
fixed in 1.21
13.3%
High Exploitation Risk
Directly Exposed
CVE-2019-10172HIGH8.62
org.codehaus.jackson:jackson-mapper-asl
1.9.13
No fix yet
17.0%
High Exploitation Risk
Directly Exposed
CVE-2021-33813HIGH8.62
org.jdom:jdom
1.1
No fix yet
19.4%
High Exploitation Risk
Directly Exposed
CVE-2017-18640HIGH8.62
org.yaml:snakeyaml
1.15
fixed in 1.26
26.7%
High Exploitation Risk
Directly Exposed
CVE-2017-18640HIGH8.62
org.yaml:snakeyaml
1.9
fixed in 1.26
26.7%
High Exploitation Risk
Directly Exposed
CVE-2021-44832HIGH8.58
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.3.2, 2.12.4, 2.17.1
98.1%
Actively Exploited
Directly Exposed
CVE-2026-27727HIGH8.33
com.mchange:mchange-commons-java
0.2.15
fixed in 0.4.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42581HIGH8.33
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-66034HIGH8.33
fonttools
4.38.0
fixed in 4.60.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2018-5968HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.8.11.1, 2.9.4, 2.7.9.5
7.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11619HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11620HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.4
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-14060HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.5
8.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-14061HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.5
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-14062HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.5
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-14195HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.5
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11619HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11620HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.4
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-14060HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.5
8.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-14061HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.5
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-14062HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.5
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-14195HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.5
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-10650HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11619HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
3.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-11620HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.4
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2020-14060HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.5
8.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-14061HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.5
4.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-14062HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.5
8.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-14195HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.5
4.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-24616HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.6
9.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-24750HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.6.7.5, 2.9.10.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-35490HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
7.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35491HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
9.5%
Low-Moderate Risk
Directly Exposed
CVE-2020-36180HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36181HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36182HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-36183HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36185HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36186HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36187HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8
5.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-36189HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.8, 2.6.7.5
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-20190HIGH8.1
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.10.7, 2.6.7.5
7.5%
Low-Moderate Risk
Directly Exposed
CVE-2016-10750HIGH8.1
com.hazelcast:hazelcast
3.10
fixed in 3.11
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-35213HIGH8.1
io.atomix:atomix
3.0.0-rc4
No fix yet
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-7611HIGH8.1
org.elasticsearch:elasticsearch
2.4.3
fixed in 5.6.15, 6.6.1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-50447HIGH8.1
Pillow
9.2.0
fixed in 10.2.0
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-43804HIGH8.1
urllib3
1.25.11
fixed in 2.0.6, 1.26.17
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2019-17571HIGH8
log4j:log4j
1.2.17
No fix yet
69.1%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2017-5645HIGH8
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.8.2
89.0%
Actively Exploited
Directly ExposedContext importance: MEDIUM
CVE-2019-0204HIGH7.8
org.apache.mesos:mesos
0.21.1
fixed in 1.4.3, 1.5.3, 1.6.2, 1.7.2
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42584HIGH7.73
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-2332HIGH7.73
org.eclipse.jetty:jetty-http
9.4.31.v20200723
fixed in 12.1.7, 12.0.33
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-58782HIGH7.7
org.apache.jackrabbit:jackrabbit-jcr-commons
1.6.5
fixed in 2.22.2
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-45105HIGH7.67
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.12.3, 2.17.0, 2.3.1
100.0%
Actively Exploited
Directly Exposed
CVE-2024-33599HIGH7.6
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-33599HIGH7.6
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-45490HIGH7.5
libexpat1
2.2.9-1ubuntu0.6
fixed in 2.2.9-1ubuntu0.7
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.10.3
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-46877HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.10.3
fixed in 2.12.6, 2.13.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.10.3
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.10.3
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.11.2
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-46877HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.11.2
fixed in 2.12.6, 2.13.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.11.2
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.11.2
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.6.7.3
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12023HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
8.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12023HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
8.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-12022HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
7.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-12023HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.7.9.4, 2.8.11.2, 2.9.6
8.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.1
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.10.6
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-36518HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.13.2.1, 2.12.6.1
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2022-42003HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.12.7.1, 2.13.4.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-42004HIGH7.5
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.12.7.1, 2.13.4
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-28491HIGH7.5
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
2.8.1
fixed in 2.11.4, 2.12.1
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
2.4.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
2.4.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.0.0-beta-1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.0.0-beta-1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-7254HIGH7.5
com.google.protobuf:protobuf-java
3.5.1
fixed in 3.25.5, 4.27.5, 4.28.2
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-3171HIGH7.5
com.google.protobuf:protobuf-java
3.5.1
fixed in 3.21.7, 3.20.3, 3.19.6, 3.16.3
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-3635HIGH7.5
com.squareup.okio:okio
1.15.0
fixed in 3.4.0, 1.17.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-3635HIGH7.5
com.squareup.okio:okio
1.17.3
fixed in 3.4.0, 1.17.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-3635HIGH7.5
com.squareup.okio:okio
1.6.0
fixed in 3.4.0, 1.17.6
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2014-3643HIGH7.5
com.sun.jersey:jersey-core
1.9
fixed in 1.13
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2020-35211HIGH7.5
io.atomix:atomix
3.0.0-rc4
No fix yet
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2015-2156HIGH7.5
io.netty:netty
3.4.0.Final
fixed in 3.10.3.Final, 3.9.8.Final
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.4.0.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.4.0.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2015-2156HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 3.10.3.Final, 3.9.8.Final
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2015-2156HIGH7.5
io.netty:netty
3.7.0.Final
fixed in 3.10.3.Final, 3.9.8.Final
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.7.0.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.7.0.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty
3.9.9.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty
3.9.9.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.0.23.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.0.28.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
io.netty:netty-all
4.0.29.Final
fixed in 4.1.42.Final
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty-codec
4.1.27.Final
fixed in 4.1.68.Final
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty-codec
4.1.27.Final
fixed in 4.1.68.Final
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty-codec
4.1.51.Final
fixed in 4.1.68.Final
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty-codec
4.1.51.Final
fixed in 4.1.68.Final
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
io.netty:netty-codec
4.1.8.Final
fixed in 4.1.68.Final
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
io.netty:netty-codec
4.1.8.Final
fixed in 4.1.68.Final
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-11612HIGH7.5
io.netty:netty-handler
4.1.27.Final
fixed in 4.1.46
9.4%
Low-Moderate Risk
Directly Exposed
CVE-2020-11612HIGH7.5
io.netty:netty-handler
4.1.8.Final
fixed in 4.1.46
9.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-26464HIGH7.5
log4j:log4j
1.2.17
fixed in 2.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-1370HIGH7.5
net.minidev:json-smart
2.3
fixed in 2.4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.7.4
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.7.5
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.7.7
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.8.1
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-39410HIGH7.5
org.apache.avro:avro
1.8.2
fixed in 1.11.3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2017-7669HIGH7.5
org.apache.hadoop:hadoop-common
2.3.0
fixed in 2.8.1, 3.0.0-alpha3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2017-7669HIGH7.5
org.apache.hadoop:hadoop-common
2.5.1
fixed in 2.8.1, 3.0.0-alpha3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2017-7669HIGH7.5
org.apache.hadoop:hadoop-common
2.6.5
fixed in 2.8.1, 3.0.0-alpha3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2017-7669HIGH7.5
org.apache.hadoop:hadoop-common
2.7.7
fixed in 2.8.1, 3.0.0-alpha3
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-39239HIGH7.5
org.apache.jena:jena-core
3.12.0
fixed in 4.2.0
4.0%
Low-Moderate Risk
Directly Exposed
CVE-2017-7687HIGH7.5
org.apache.mesos:mesos
0.21.1
fixed in 1.1.3, 1.2.2, 1.3.1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-9790HIGH7.5
org.apache.mesos:mesos
0.21.1
fixed in 1.1.3, 1.2.2, 1.3.1
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-11793HIGH7.5
org.apache.mesos:mesos
0.21.1
fixed in 1.4.3, 1.5.2, 1.6.2, 1.7.1
5.0%
Low-Moderate Risk
Directly Exposed
CVE-2018-11804HIGH7.5
org.apache.spark:spark-core_2.10
1.6.2
No fix yet
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-11804HIGH7.5
org.apache.spark:spark-core_2.10
1.6.3
No fix yet
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-13949HIGH7.5
org.apache.thrift:libthrift
0.13.0
fixed in 0.14.0
6.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-40150HIGH7.5
org.codehaus.jettison:jettison
1.4.0
fixed in 1.5.2
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-45685HIGH7.5
org.codehaus.jettison:jettison
1.4.0
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-45693HIGH7.5
org.codehaus.jettison:jettison
1.4.0
fixed in 1.5.2
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2023-1436HIGH7.5
org.codehaus.jettison:jettison
1.4.0
fixed in 1.5.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-40149HIGH7.5
org.codehaus.jettison:jettison
1.4.0
fixed in 1.5.1
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2017-7656HIGH7.5
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.3.24.v20180605, 9.4.11.v20180605
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-9735HIGH7.5
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.4.6.v20170531, 9.3.20.v20170531, 9.2.22.v20170606
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2017-7656HIGH7.5
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.3.24.v20180605, 9.4.11.v20180605
6.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-9735HIGH7.5
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.4.6.v20170531, 9.3.20.v20170531, 9.2.22.v20170606
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-31418HIGH7.5
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.17.13, 8.9.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2015-2156HIGH7.5
org.jboss.netty:netty
3.2.2.Final
fixed in 3.9.8.Final, 3.10.3.Final
5.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-16869HIGH7.5
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
8.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37136HIGH7.5
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
5.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-37137HIGH7.5
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
6.3%
Low-Moderate Risk
Directly Exposed
CVE-2022-45688HIGH7.5
org.json:json
20160212
fixed in 20230227
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-5072HIGH7.5
org.json:json
20160212
fixed in 20231013
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-45688HIGH7.5
org.json:json
20160810
fixed in 20230227
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-5072HIGH7.5
org.json:json
20160810
fixed in 20231013
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2022-45688HIGH7.5
org.json:json
20180813
fixed in 20230227
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-5072HIGH7.5
org.json:json
20180813
fixed in 20231013
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-37714HIGH7.5
org.jsoup:jsoup
1.10.3
fixed in 1.14.2
6.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-37714HIGH7.5
org.jsoup:jsoup
1.11.3
fixed in 1.14.2
6.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-37714HIGH7.5
org.jsoup:jsoup
1.13.1
fixed in 1.14.2
6.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-37714HIGH7.5
org.jsoup:jsoup
1.8.1
fixed in 1.14.2
6.9%
Low-Moderate Risk
Directly Exposed
CVE-2023-34455HIGH7.5
org.xerial.snappy:snappy-java
1.0.4.1
fixed in 1.1.10.1
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-43642HIGH7.5
org.xerial.snappy:snappy-java
1.0.4.1
fixed in 1.1.10.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-34453HIGH7.5
org.xerial.snappy:snappy-java
1.0.4.1
fixed in 1.1.10.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34454HIGH7.5
org.xerial.snappy:snappy-java
1.0.4.1
fixed in 1.1.10.1
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-25857HIGH7.5
org.yaml:snakeyaml
1.15
fixed in 1.31
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-25857HIGH7.5
org.yaml:snakeyaml
1.26
fixed in 1.31
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-25857HIGH7.5
org.yaml:snakeyaml
1.9
fixed in 1.31
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2022-45199HIGH7.5
Pillow
9.2.0
fixed in 9.3.0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-44271HIGH7.5
Pillow
9.2.0
fixed in 10.0.0
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-39689HIGH7.5
certifi
2024.2.2
fixed in 2024.7.4
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2023-50782HIGH7.5
cryptography
3.2.1
fixed in 42.0.0
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-45139HIGH7.5
fonttools
4.38.0
fixed in 4.43.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-3651HIGH7.5
idna
2.10
fixed in 3.7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-3651HIGH7.5
idna
3.6
fixed in 3.7
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-52804HIGH7.5
tornado
6.2
fixed in 6.4.2
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-33503HIGH7.5
urllib3
1.25.11
fixed in 1.26.5
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-33265HIGH7.48
com.hazelcast:hazelcast
3.10
fixed in 5.2.4, 5.1.7, 5.0.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-67030HIGH7.48
org.codehaus.plexus:plexus-utils
3.2.1
fixed in 4.0.3, 3.6.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-56201HIGH7.48
Jinja2
3.1.3
fixed in 3.1.5
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-27516HIGH7.48
Jinja2
3.1.3
fixed in 3.1.6
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-21147HIGH7.4
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2020-27216HIGH7
org.eclipse.jetty:jetty-webapp
9.4.31.v20200723
fixed in 9.4.33.v20201020, 10.0.0.beta3, 11.0.0.beta3
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2020-27223MEDIUM6.89
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.37, 10.0.1, 11.0.1
78.0%
Actively Exploited
Directly Exposed
CVE-2021-28169MEDIUM6.89
org.eclipse.jetty:jetty-servlets
9.3.27.v20190418
fixed in 9.4.41, 10.0.3, 11.0.3
78.5%
Actively Exploited
Directly Exposed
CVE-2020-35214MEDIUM6.88
io.atomix:atomix
3.0.0-rc4
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.51.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-44249MEDIUM6.88
io.netty:netty-handler
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-27830MEDIUM6.8
com.mchange:c3p0
0.9.5.4
fixed in 0.12.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.4.4
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.0
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.7.9.1
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.8.2
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.8
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2019-12384MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
45.2%
High Exploitation Risk
Directly Exposed
CVE-2019-12814MEDIUM6.79
com.fasterxml.jackson.core:jackson-databind
2.9.9
fixed in 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3
11.0%
High Exploitation Risk
Directly Exposed
CVE-2016-5725MEDIUM6.79
com.jcraft:jsch
0.1.53
fixed in 0.1.54
24.1%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.10.6.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.4.0.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.6.2.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.7.0.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty
3.9.9.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.1.60.Final
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.1.60.Final
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.1.60.Final
18.9%
High Exploitation Risk
Directly Exposed
CVE-2021-21295MEDIUM6.79
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
18.9%
High Exploitation Risk
Directly Exposed
CVE-2024-35235MEDIUM6.7
libcups2
2.3.1-9ubuntu1.6
fixed in 2.3.1-9ubuntu1.7
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2025-54920MEDIUM6.7
org.apache.spark:spark-core_2.10
1.6.2
No fix yet
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-54920MEDIUM6.7
org.apache.spark:spark-core_2.10
1.6.3
No fix yet
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-54920MEDIUM6.7
org.apache.spark:spark-core_2.11
2.4.5
No fix yet
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2017-12612MEDIUM6.63
org.apache.spark:spark-core_2.10
1.6.2
fixed in 2.1.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2017-12612MEDIUM6.63
org.apache.spark:spark-core_2.10
1.6.3
fixed in 2.1.2
0.7%
Theoretical Threat
Directly Exposed
CVE-2022-31159MEDIUM6.5
com.amazonaws:aws-java-sdk-s3
1.11.736
fixed in 1.12.261
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-12668MEDIUM6.5
com.hubspot.jinjava:jinjava
2.4.0
fixed in 2.5.4
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2020-12668MEDIUM6.5
com.hubspot.jinjava:jinjava
2.4.12
fixed in 2.5.4
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-37533MEDIUM6.5
commons-net:commons-net
2.2
fixed in 3.9.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-37533MEDIUM6.5
commons-net:commons-net
3.1
fixed in 3.9.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-37533MEDIUM6.5
commons-net:commons-net
3.3
fixed in 3.9.0
1.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.4.0.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.7.0.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty
3.9.9.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.71.Final
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.71.Final
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.71.Final
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.0.CR1
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.27.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.51.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-34462MEDIUM6.5
io.netty:netty-handler
4.1.8.Final
fixed in 4.1.94.Final
2.5%
Low-Moderate Risk
Directly Exposed
CVE-2014-0229MEDIUM6.5
org.apache.hadoop:hadoop-common
2.3.0
fixed in 0.23.11, 2.4.1
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2023-46749MEDIUM6.5
org.apache.shiro:shiro-core
1.7.0
fixed in 1.13.0, 2.0.0-alpha4
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-29857MEDIUM6.5
org.bouncycastle:bcprov-jdk15on
1.60
fixed in 1.78
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-8184MEDIUM6.5
org.eclipse.jetty:jetty-server
9.3.27.v20190418
fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-8184MEDIUM6.5
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 12.0.9, 10.0.24, 11.0.24, 9.4.56
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2020-7019MEDIUM6.5
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.9.0, 6.8.12
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-22144MEDIUM6.5
org.elasticsearch:elasticsearch
2.4.3
fixed in 6.8.17, 7.13.3
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-43797MEDIUM6.5
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
2.7%
Low-Moderate Risk
Directly Exposed
CVE-2022-38749MEDIUM6.5
org.yaml:snakeyaml
1.15
fixed in 1.31
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-38751MEDIUM6.5
org.yaml:snakeyaml
1.15
fixed in 1.31
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38752MEDIUM6.5
org.yaml:snakeyaml
1.15
fixed in 1.32
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41854MEDIUM6.5
org.yaml:snakeyaml
1.15
fixed in 1.32
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38749MEDIUM6.5
org.yaml:snakeyaml
1.26
fixed in 1.31
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-38751MEDIUM6.5
org.yaml:snakeyaml
1.26
fixed in 1.31
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38752MEDIUM6.5
org.yaml:snakeyaml
1.26
fixed in 1.32
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41854MEDIUM6.5
org.yaml:snakeyaml
1.26
fixed in 1.32
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38749MEDIUM6.5
org.yaml:snakeyaml
1.9
fixed in 1.31
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-38751MEDIUM6.5
org.yaml:snakeyaml
1.9
fixed in 1.31
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-38752MEDIUM6.5
org.yaml:snakeyaml
1.9
fixed in 1.32
2.0%
Low-Moderate Risk
Directly Exposed
CVE-2022-41854MEDIUM6.5
org.yaml:snakeyaml
1.9
fixed in 1.32
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2023-23931MEDIUM6.5
cryptography
3.2.1
fixed in 39.0.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-37370MEDIUM6.38
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-37370MEDIUM6.38
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.1.3
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.10.1
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.10.3
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.11.2
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.4.4
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.7.0
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.7.4
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.7.9
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.8.1
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.8.2
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.8.8
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.9.10
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.9.8
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-52999MEDIUM6.38
com.fasterxml.jackson.core:jackson-core
2.9.9
fixed in 2.15.0
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3509MEDIUM6.38
com.google.protobuf:protobuf-java
3.5.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.6%
Theoretical Threat
Directly Exposed
CVE-2022-3510MEDIUM6.38
com.google.protobuf:protobuf-java
3.5.1
fixed in 3.16.3, 3.19.6, 3.20.3, 3.21.7
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-52428MEDIUM6.38
com.nimbusds:nimbus-jose-jwt
4.41.2
fixed in 9.37.2
0.8%
Theoretical Threat
Directly Exposed
CVE-2021-0341MEDIUM6.38
com.squareup.okhttp3:okhttp
3.12.12
fixed in 4.9.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2021-0341MEDIUM6.38
com.squareup.okhttp3:okhttp
3.13.1
fixed in 4.9.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-67721MEDIUM6.38
io.airlift:aircompressor
0.10
fixed in 2.0.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2020-35209MEDIUM6.38
io.atomix:atomix
3.0.0-rc4
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.27.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.51.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-58057MEDIUM6.38
io.netty:netty-codec
4.1.8.Final
fixed in 4.1.125.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.132.Final, 4.2.10.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-33870MEDIUM6.38
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.132.Final, 4.2.10.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-42585MEDIUM6.38
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-58056MEDIUM6.38
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.125.Final, 4.2.5.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.2.4.Final, 4.1.124.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-33871MEDIUM6.38
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.1.132.Final, 4.2.11.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.2.4.Final, 4.1.124.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-33871MEDIUM6.38
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.1.132.Final, 4.2.11.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-55163MEDIUM6.38
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.2.4.Final, 4.1.124.Final
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-33871MEDIUM6.38
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.1.132.Final, 4.2.11.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-42587MEDIUM6.38
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-48043MEDIUM6.38
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.1.135.Final, 4.2.15.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.51.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.51.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45416MEDIUM6.38
io.netty:netty-handler
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-50010MEDIUM6.38
io.netty:netty-handler
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.27.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-42578MEDIUM6.38
io.netty:netty-handler-proxy
4.1.8.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-34480MEDIUM6.38
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.25.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-5588MEDIUM6.38
org.bouncycastle:bcpkix-jdk15on
1.60
fixed in 1.84
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-9823MEDIUM6.38
org.eclipse.jetty:jetty-servlets
9.3.27.v20190418
fixed in 9.4.54, 10.0.18, 11.0.18
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-23444MEDIUM6.38
org.elasticsearch:elasticsearch
2.4.3
fixed in 8.13.0, 7.17.23
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-43709MEDIUM6.38
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.17.21, 8.13.3
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-52979MEDIUM6.38
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.17.25, 8.16.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-21634MEDIUM6.38
software.amazon.ion:ion-java
1.0.2
fixed in 1.10.5
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-6176MEDIUM6.38
Brotli
1.0.9
fixed in 1.2.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-69534MEDIUM6.38
Markdown
3.5.2
fixed in 3.8.1
0.5%
Theoretical Threat
Directly Exposed
CVE-2023-49083MEDIUM6.38
cryptography
3.2.1
fixed in 41.0.6
1.0%
Theoretical Threat
Directly Exposed
CVE-2023-33953MEDIUM6.38
grpcio
1.47.1
fixed in 1.53.2, 1.54.3, 1.55.2, 1.56.2
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-0994MEDIUM6.38
protobuf
4.21.8
fixed in 6.33.5, 5.29.6
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-47287MEDIUM6.38
tornado
6.2
fixed in 6.5
0.6%
Theoretical Threat
Directly Exposed
CVE-2026-31958MEDIUM6.38
tornado
6.2
fixed in 6.5.5
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-66418MEDIUM6.38
urllib3
1.25.11
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66471MEDIUM6.38
urllib3
1.25.11
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21441MEDIUM6.38
urllib3
1.25.11
fixed in 2.6.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66418MEDIUM6.38
urllib3
2.2.0
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-66471MEDIUM6.38
urllib3
2.2.0
fixed in 2.6.0
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-21441MEDIUM6.38
urllib3
2.2.0
fixed in 2.6.3
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-20918MEDIUM6.29
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-20952MEDIUM6.29
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-21587MEDIUM6.29
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.7%
Theoretical Threat
Directly Exposed
CVE-2021-22573MEDIUM6.21
com.google.oauth-client:google-oauth-client
1.23.0
fixed in 1.33.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2021-22573MEDIUM6.21
com.google.oauth-client:google-oauth-client
1.30.5
fixed in 1.33.3
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-43869MEDIUM6.21
org.apache.thrift:libthrift
0.13.0
fixed in 0.23.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-34062MEDIUM6.21
tqdm
4.51.0
fixed in 4.66.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-34062MEDIUM6.21
tqdm
4.66.2
fixed in 4.66.3
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-13009MEDIUM6.12
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.57.v20241219
0.4%
Theoretical Threat
Directly Exposed
CVE-2023-46750MEDIUM6.1
org.apache.shiro:shiro-web
1.7.0
fixed in 1.13.0, 2.0.0-alpha-4
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2017-7678MEDIUM6.1
org.apache.spark:spark-core_2.10
1.6.2
fixed in 2.2.0
3.4%
Low-Moderate Risk
Directly Exposed
CVE-2017-7678MEDIUM6.1
org.apache.spark:spark-core_2.10
1.6.3
fixed in 2.2.0
3.4%
Low-Moderate Risk
Directly Exposed
CVE-2019-10241MEDIUM6.1
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2019-10241MEDIUM6.1
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411
9.6%
Low-Moderate Risk
Directly Exposed
CVE-2022-36033MEDIUM6.1
org.jsoup:jsoup
1.10.3
fixed in 1.15.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-36033MEDIUM6.1
org.jsoup:jsoup
1.11.3
fixed in 1.15.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-36033MEDIUM6.1
org.jsoup:jsoup
1.13.1
fixed in 1.15.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2015-6748MEDIUM6.1
org.jsoup:jsoup
1.8.1
fixed in 1.8.3
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2022-36033MEDIUM6.1
org.jsoup:jsoup
1.8.1
fixed in 1.15.3
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2023-32681MEDIUM6.1
requests
2.24.0
fixed in 2.31.0
2.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-28370MEDIUM6.1
tornado
6.2
fixed in 6.3.2
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
11.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
11.0.2
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
13.0.1
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
14.0.1
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
15.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
18.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
19.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
20.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
22.0
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
24.1.1-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-2976MEDIUM6.03
com.google.guava:guava
25.0-jre
fixed in 32.0.0-android
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.18
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-4802MEDIUM5.95
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.18
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-50602MEDIUM5.9
libexpat1
2.2.9-1ubuntu0.6
fixed in 2.2.9-1ubuntu0.8
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-26461MEDIUM5.9
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-5535MEDIUM5.9
libssl1.1
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-20926MEDIUM5.9
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
11.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
11.0.2
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
13.0.1
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
14.0.1
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
15.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
18.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
19.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
20.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2018-10237MEDIUM5.9
com.google.guava:guava
22.0
fixed in 24.1.1-android
5.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.10.6.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.4.0.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.6.2.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.7.0.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty
3.9.9.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.1.61.Final
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.1.61.Final
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.1.61.Final
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-27568MEDIUM5.9
net.minidev:json-smart
2.3
fixed in 1.3.2, 2.4.1, 2.3.1
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2020-13955MEDIUM5.9
org.apache.calcite:calcite-core
1.2.0-incubating
fixed in 1.26.0
2.4%
Low-Moderate Risk
Directly Exposed
CVE-2018-8023MEDIUM5.9
org.apache.mesos:mesos
0.21.1
fixed in 1.4.2, 1.5.2, 1.6.1
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2020-15522MEDIUM5.9
org.bouncycastle:bcprov-jdk15on
1.60
fixed in 1.66
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2019-7614MEDIUM5.9
org.elasticsearch:elasticsearch
2.4.3
fixed in 6.8.2, 7.2.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-21409MEDIUM5.9
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
4.9%
Low-Moderate Risk
Directly Exposed
CVE-2021-4178MEDIUM5.7
io.fabric8:kubernetes-client
5.3.1
fixed in 5.0.3, 5.1.2, 5.3.2, 5.7.4, 5.8.1, 5.10.2, 5.11.2
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-4741MEDIUM5.6
libssl1.1
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Directly Exposed
CVE-2025-24528MEDIUM5.52
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2025-24528MEDIUM5.52
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-4421MEDIUM5.52
libnss3
2:3.49.1-1ubuntu1.9
fixed in 2:3.98-0ubuntu0.20.04.1
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-5388MEDIUM5.52
libnss3
2:3.49.1-1ubuntu1.9
fixed in 2:3.98-0ubuntu0.20.04.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-45860MEDIUM5.52
com.hazelcast:hazelcast
3.10
fixed in 5.3.5, 5.2.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2020-35210MEDIUM5.52
io.atomix:atomix
3.0.0-rc4
No fix yet
0.9%
Theoretical Threat
Directly Exposed
CVE-2020-35215MEDIUM5.52
io.atomix:atomix
3.0.0-rc4
No fix yet
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-67735MEDIUM5.52
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.8.Final, 4.1.129.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-41417MEDIUM5.52
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.133.Final, 4.2.13.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-42580MEDIUM5.52
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.13.Final, 4.1.133.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-11143MEDIUM5.52
org.eclipse.jetty:jetty-http
9.4.31.v20200723
fixed in 12.0.31, 12.1.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2023-49921MEDIUM5.52
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.17.16, 8.11.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-26007MEDIUM5.52
cryptography
3.2.1
fixed in 46.0.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-37891MEDIUM5.52
urllib3
1.25.11
fixed in 1.26.19, 2.2.2
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-37891MEDIUM5.52
urllib3
2.2.0
fixed in 1.26.19, 2.2.2
1.0%
Theoretical Threat
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
1.3.2
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2021-29425MEDIUM5.52
commons-io:commons-io
2.6
fixed in 2.7
10.6%
High Exploitation Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
2.4.1
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
2.5.0
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
3.0.0-beta-1
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-22569MEDIUM5.5
com.google.protobuf:protobuf-java
3.5.1
fixed in 3.16.1, 3.18.2, 3.19.2
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.10.6.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.4.0.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.6.2.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.7.0.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty
3.9.9.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.59.Final
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24823MEDIUM5.5
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.77.Final
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.59.Final
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24823MEDIUM5.5
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.77.Final
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.59.Final
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2022-24823MEDIUM5.5
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.77.Final
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2018-11771MEDIUM5.5
org.apache.commons:commons-compress
1.14
fixed in 1.18
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-1324MEDIUM5.5
org.apache.commons:commons-compress
1.14
fixed in 1.16
3.7%
Low-Moderate Risk
Directly Exposed
CVE-2018-11771MEDIUM5.5
org.apache.commons:commons-compress
1.8.1
fixed in 1.18
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2018-11771MEDIUM5.5
org.apache.commons:commons-compress
1.9
fixed in 1.18
5.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-27807MEDIUM5.5
org.apache.pdfbox:pdfbox
2.0.16
fixed in 2.0.23
3.0%
Low-Moderate Risk
Directly Exposed
CVE-2021-27906MEDIUM5.5
org.apache.pdfbox:pdfbox
2.0.16
fixed in 2.0.23
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2021-31811MEDIUM5.5
org.apache.pdfbox:pdfbox
2.0.16
fixed in 2.0.24
3.4%
Low-Moderate Risk
Directly Exposed
CVE-2021-31812MEDIUM5.5
org.apache.pdfbox:pdfbox
2.0.16
fixed in 2.0.24
3.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-21290MEDIUM5.5
org.jboss.netty:netty
3.2.2.Final
fixed in 4.0.0
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-0727MEDIUM5.5
cryptography
3.2.1
fixed in 42.0.2
3.2%
Low-Moderate Risk
Directly Exposed
CVE-2018-11770MEDIUM5.46
org.apache.spark:spark-core_2.10
1.6.2
No fix yet
65.9%
Actively Exploited
Directly Exposed
CVE-2018-11770MEDIUM5.46
org.apache.spark:spark-core_2.10
1.6.3
No fix yet
65.9%
Actively Exploited
Directly Exposed
CVE-2022-31777MEDIUM5.4
org.apache.spark:spark-core_2.10
1.6.2
fixed in 3.2.2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-31777MEDIUM5.4
org.apache.spark:spark-core_2.10
1.6.3
fixed in 3.2.2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2022-31777MEDIUM5.4
org.apache.spark:spark-core_2.11
2.4.5
fixed in 3.2.2
1.5%
Low-Moderate Risk
Directly Exposed
CVE-2024-56326MEDIUM5.35
Jinja2
3.1.3
fixed in 3.1.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-33600MEDIUM5.3
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-12243MEDIUM5.3
libgnutls30
3.6.13-2ubuntu1.10
fixed in 3.6.13-2ubuntu1.12
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-12133MEDIUM5.3
libtasn1-6
4.16.0-2
fixed in 4.16.0-2ubuntu0.1
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2018-18893MEDIUM5.3
com.hubspot.jinjava:jinjava
2.4.0
fixed in 2.4.6
1.8%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-29025MEDIUM5.3
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.1.108.Final
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2025-27553MEDIUM5.3
org.apache.commons:commons-vfs2
2.6.0
fixed in 2.10.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-13956MEDIUM5.3
org.apache.httpcomponents:httpclient
4.4.1
fixed in 4.5.13, 5.0.3
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-13956MEDIUM5.3
org.apache.httpcomponents:httpclient
4.5
fixed in 4.5.13, 5.0.3
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2020-13956MEDIUM5.3
org.apache.httpcomponents:httpclient
4.5.1
fixed in 4.5.13, 5.0.3
8.7%
Low-Moderate Risk
Directly Exposed
CVE-2023-40167MEDIUM5.3
org.eclipse.jetty:jetty-http
9.3.27.v20190418
fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-40167MEDIUM5.3
org.eclipse.jetty:jetty-http
9.4.31.v20200723
fixed in 9.4.52, 10.0.16, 11.0.16, 12.0.1
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2019-10247MEDIUM5.3
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2019-10247MEDIUM5.3
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418
5.8%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.27.v20190418
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
9.3.27.v20190418
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26048MEDIUM5.3
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14
3.3%
Low-Moderate Risk
Directly Exposed
CVE-2023-26049MEDIUM5.3
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-4949MEDIUM5.3
org.eclipse.jgit:org.eclipse.jgit
4.5.4.201711221230-r
fixed in 7.2.1.202505142326-r, 7.1.1.202505221757-r, 7.0.1.202505221510-r, 6.10.1.202505221210-r, 6.0.0.202111291000-r, 5.13.4.202507202350-r
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-22135MEDIUM5.3
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.11.2, 6.8.15
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2021-22137MEDIUM5.3
org.elasticsearch:elasticsearch
2.4.3
fixed in 7.11.2, 6.8.15
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-33430MEDIUM5.3
numpy
1.19.5
fixed in 1.21
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2021-34141MEDIUM5.3
numpy
1.19.5
fixed in 1.22
1.6%
Low-Moderate Risk
Directly Exposed
CVE-2024-5569MEDIUM5.27
zipp
3.15.0
fixed in 3.19.1
0.2%
Theoretical Threat
Directly Exposed
CVE-2018-3824MEDIUM5.18
org.elasticsearch:elasticsearch
2.4.3
fixed in 5.6.9, 6.2.4
0.9%
Theoretical Threat
Directly Exposed
CVE-2026-23528MEDIUM5.18
distributed
2021.10.0
fixed in 2026.1.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2025-50181MEDIUM5.18
urllib3
1.25.11
fixed in 2.5.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-50181MEDIUM5.18
urllib3
2.2.0
fixed in 2.5.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-50182MEDIUM5.18
urllib3
2.2.0
fixed in 2.5.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libgssapi-krb5-2
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libk5crypto3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5-3
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2025-3576MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-26458MEDIUM5.02
libkrb5support0
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-20919MEDIUM5.02
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-20921MEDIUM5.02
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2020-35216MEDIUM5.02
io.atomix:atomix
3.0.0-rc4
No fix yet
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-30171MEDIUM5.02
org.bouncycastle:bcprov-jdk15on
1.60
fixed in 1.78
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-28219MEDIUM5.02
Pillow
9.2.0
fixed in 10.3.0
1.0%
Theoretical Threat
Directly Exposed
CVE-2014-0193MEDIUM5
io.netty:netty
3.6.2.Final
fixed in 3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2014-0193MEDIUM5
io.netty:netty
3.7.0.Final
fixed in 3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
4.3%
Low-Moderate Risk
Directly Exposed
CVE-2025-53864MEDIUM4.93
com.nimbusds:nimbus-jose-jwt
4.41.2
fixed in 10.0.2, 9.37.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2020-7021MEDIUM4.9
org.elasticsearch:elasticsearch
2.4.3
fixed in 6.8.14, 7.10.0
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-2511MEDIUM4.81
libssl1.1
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Directly Exposed
CVE-2020-27218MEDIUM4.8
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.35.v20201120
8.1%
Low-Moderate Risk
Directly Exposed
CVE-2025-30698MEDIUM4.76
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-35195MEDIUM4.76
requests
2.24.0
fixed in 2.32.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-35195MEDIUM4.76
requests
2.31.0
fixed in 2.32.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-0395MEDIUM4.67
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-29088MEDIUM4.67
libsqlite3-0
3.31.1-4ubuntu0.6
fixed in 3.31.1-4ubuntu0.7
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.27.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.27.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.51.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.51.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-47535MEDIUM4.67
io.netty:netty-common
4.1.8.Final
fixed in 4.1.115.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-25193MEDIUM4.67
io.netty:netty-common
4.1.8.Final
fixed in 4.1.118.Final
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.14
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.18
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.4.1
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.5
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.8.1
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-25710MEDIUM4.67
org.apache.commons:commons-compress
1.9
fixed in 1.26.0
0.4%
Theoretical Threat
Directly Exposed
CVE-2016-5001MEDIUM4.67
org.apache.hadoop:hadoop-common
2.3.0
fixed in 2.6.4, 2.7.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2016-5001MEDIUM4.67
org.apache.hadoop:hadoop-common
2.5.1
fixed in 2.6.4, 2.7.2
0.6%
Theoretical Threat
Directly Exposed
CVE-2023-33202MEDIUM4.67
org.bouncycastle:bcprov-jdk15on
1.60
fixed in 1.70
0.9%
Theoretical Threat
Directly Exposed
CVE-2021-28168MEDIUM4.67
org.glassfish.jersey.core:jersey-common
2.30
fixed in 2.34, 3.0.2
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-38750MEDIUM4.67
org.yaml:snakeyaml
1.15
fixed in 1.31
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-38750MEDIUM4.67
org.yaml:snakeyaml
1.26
fixed in 1.31
1.0%
Theoretical Threat
Directly Exposed
CVE-2022-38750MEDIUM4.67
org.yaml:snakeyaml
1.9
fixed in 1.31
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-42308MEDIUM4.67
Pillow
9.2.0
fixed in 12.2.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-42310MEDIUM4.67
Pillow
9.2.0
fixed in 12.2.0
0.1%
Theoretical Threat
Directly Exposed
CVE-2026-25645MEDIUM4.67
requests
2.24.0
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-25645MEDIUM4.67
requests
2.31.0
fixed in 2.33.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-34064MEDIUM4.59
Jinja2
3.1.3
fixed in 3.1.4
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-21883MEDIUM4.59
bokeh
2.4.3
fixed in 3.8.2
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-28834MEDIUM4.5
libgnutls30
3.6.13-2ubuntu1.10
fixed in 3.6.13-2ubuntu1.11
0.7%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-50020MEDIUM4.5
io.netty:netty-codec-http
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-47244MEDIUM4.5
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-50560MEDIUM4.5
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-8916MEDIUM4.5
org.bouncycastle:bcpkix-jdk15on
1.60
fixed in 1.79
0.4%
Theoretical Threat
Directly Exposed
CVE-2020-26939MEDIUM4.5
org.bouncycastle:bcprov-jdk15on
1.60
fixed in 1.61
0.9%
Theoretical Threat
Directly Exposed
CVE-2023-33201MEDIUM4.5
org.bouncycastle:bcprov-jdk15on
1.60
No fix yet
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
8.1.19.v20160209
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
8.2.0.v20160908
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
9.3.27.v20190418
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-6763MEDIUM4.5
org.eclipse.jetty:jetty-http
9.4.31.v20200723
fixed in 12.0.12
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-36124MEDIUM4.5
org.iq80.snappy:snappy
0.2
fixed in 0.5
0.5%
Theoretical Threat
Directly Exposed
CVE-2026-34073MEDIUM4.5
cryptography
3.2.1
fixed in 46.0.6
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
2.10
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2026-45409MEDIUM4.5
idna
3.6
fixed in 3.15
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-4565MEDIUM4.5
protobuf
4.21.8
fixed in 4.25.8, 5.29.5, 6.31.1
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-27448MEDIUM4.5
pyOpenSSL
19.1.0
fixed in 26.0.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-47081MEDIUM4.5
requests
2.24.0
fixed in 2.32.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-47081MEDIUM4.5
requests
2.31.0
fixed in 2.32.4
0.8%
Theoretical Threat
Directly Exposed
CVE-2026-35536MEDIUM4.5
tornado
6.2
fixed in 6.5.5
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
1.25.11
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-44431MEDIUM4.5
urllib3
2.2.0
fixed in 2.7.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2024-28085MEDIUM4.4
libblkid1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libfdisk1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libmount1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libsmartcols1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-28085MEDIUM4.4
libuuid1
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-29131MEDIUM4.4
org.apache.commons:commons-configuration2
2.7
fixed in 2.10.1
2.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-29133MEDIUM4.4
org.apache.commons:commons-configuration2
2.7
fixed in 2.10.1
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-47554MEDIUM4.3
commons-io:commons-io
2.6
fixed in 2.14.0
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2024-21140MEDIUM4.08
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-21145MEDIUM4.08
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-21235MEDIUM4.08
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
0.9%
Theoretical Threat
Directly Exposed
CVE-2025-30691MEDIUM4.08
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.5%
Theoretical Threat
Directly Exposed
CVE-2025-68161MEDIUM4.08
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.25.3
0.7%
Theoretical Threat
Directly Exposed
CVE-2024-13176MEDIUM4
libssl1.1
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-20945MEDIUM4
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.4%
Theoretical Threat
Directly Exposed
CVE-2020-1960MEDIUM4
org.apache.flink:flink-core
1.2.1
fixed in 1.9.3, 1.10.1
0.9%
Theoretical Threat
Directly Exposed
CVE-2018-1334MEDIUM4
org.apache.spark:spark-core_2.10
1.6.2
fixed in 2.1.3, 2.2.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2018-1334MEDIUM4
org.apache.spark:spark-core_2.10
1.6.3
fixed in 2.1.3, 2.2.2
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-33601MEDIUM4
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-33601MEDIUM4
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2013-2035LOW3.74
org.fusesource.hawtjni:hawtjni-runtime
1.0
fixed in 1.8
0.6%
Theoretical Threat
Directly Exposed
CVE-2024-9143LOW3.7
libssl1.1
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-21011LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.4%
Low-Moderate Risk
Directly Exposed
CVE-2024-21068LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-21085LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-21138LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.3%
Low-Moderate Risk
Directly Exposed
CVE-2024-21144LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.1%
Low-Moderate Risk
Directly Exposed
CVE-2024-21208LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-21217LOW3.7
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
1.2%
Low-Moderate Risk
Directly Exposed
CVE-2025-48924LOW3.7
org.apache.commons:commons-lang3
3.10
fixed in 3.18.0
2.2%
Low-Moderate Risk
Directly Exposed
CVE-2020-9488LOW3.7
org.apache.logging.log4j:log4j-core
2.6.1
fixed in 2.13.2, 2.12.3, 2.3.2
8.1%
Low-Moderate Risk
Directly Exposed
CVE-2023-6135LOW3.65
libnss3
2:3.49.1-1ubuntu1.9
fixed in 2:3.98-0ubuntu0.20.04.1
0.7%
Theoretical Threat
Directly Exposed
CVE-2023-45803LOW3.57
urllib3
1.25.11
fixed in 2.0.7, 1.26.18
0.5%
Theoretical Threat
Directly Exposed
CVE-2024-20926LOW3.54
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2024-5535LOW3.54
openssl
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
5.6%
Low-Moderate Risk
Post-Exploit
CVE-2021-3572LOW3.42
pip
20.2.4
fixed in 21.1
1.7%
Low-Moderate Risk
Post-Exploit
CVE-2024-33602LOW3.4
libc-bin
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2024-33602LOW3.4
libc6
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.1.3
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.10.1
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.10.3
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.11.2
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.4.4
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.7.0
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.7.4
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.7.9
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.8.1
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.8.2
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.8.8
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.9.10
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.9.8
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2025-49128LOW3.4
com.fasterxml.jackson.core:jackson-core
2.9.9
fixed in 2.13.0
0.3%
Theoretical Threat
Directly Exposed
CVE-2026-45536LOW3.4
io.netty:netty-transport-native-epoll
4.1.27.Final
fixed in 4.2.15.Final, 4.1.135.Final
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-4741LOW3.36
openssl
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
2.9%
Low-Moderate Risk
Post-Exploit
CVE-2025-46392LOW3.3
commons-configuration:commons-configuration
1.10
No fix yet
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2025-46392LOW3.3
commons-configuration:commons-configuration
1.6
No fix yet
1.7%
Low-Moderate Risk
Directly Exposed
CVE-2024-6345LOW3.17
setuptools
50.3.1.post20201107
fixed in 70.0.0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2025-47273LOW3.17
setuptools
50.3.1.post20201107
fixed in 78.1.1
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-6345LOW3.17
setuptools
59.8.0
fixed in 70.0.0
1.8%
Low-Moderate Risk
Post-Exploit
CVE-2025-47273LOW3.17
setuptools
59.8.0
fixed in 78.1.1
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-21094LOW3.15
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
0.8%
Theoretical Threat
Directly Exposed
CVE-2024-21131LOW3.15
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.0%
Theoretical Threat
Directly Exposed
CVE-2024-21210LOW3.15
openjdk-8-jre-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
0.8%
Theoretical Threat
Directly Exposed
CVE-2023-36479LOW3.1
org.eclipse.jetty:jetty-servlets
9.3.27.v20190418
fixed in 9.4.52, 10.0.16, 11.0.16
1.0%
Low-Moderate Risk
Directly Exposed
CVE-2024-20919LOW3.01
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.8%
Theoretical Threat
Post-Exploit
CVE-2024-20921LOW3.01
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
8.1.19.v20160209
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
8.2.0.v20160908
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
9.3.27.v20190418
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2021-34428LOW2.98
org.eclipse.jetty:jetty-server
9.4.31.v20200723
fixed in 9.4.41, 10.0.3, 11.0.3
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-6357LOW2.96
pip
20.2.4
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-6357LOW2.96
pip
24.0
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2024-2511LOW2.89
openssl
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.23
54.0%
Actively Exploited
Post-Exploit
CVE-2025-30698LOW2.86
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.5%
Theoretical Threat
Post-Exploit
CVE-2023-4641LOW2.8
login
1:4.8.1-1ubuntu5.20.04.4
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2023-4641LOW2.8
passwd
1:4.8.1-1ubuntu5.20.04.4
fixed in 1:4.8.1-1ubuntu5.20.04.5
0.3%
Theoretical Threat
Post-Exploit
CVE-2026-24049LOW2.8
wheel
0.42.0
fixed in 0.46.2
0.3%
Theoretical Threat
Post-Exploit
CVE-2020-8908LOW2.8
com.google.guava:guava
11.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
11.0.2
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
13.0.1
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
14.0.1
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
15.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
18.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
19.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
20.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
22.0
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
24.1.1-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2020-8908LOW2.8
com.google.guava:guava
25.0-jre
fixed in 32.0.0-android
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-4539LOW2.8
Pygments
2.17.2
fixed in 2.20.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2024-38428LOW2.78
wget
1.20.3-1ubuntu2
fixed in 1.20.3-1ubuntu2.1
0.7%
Theoretical Threat
Post-Exploit
CVE-2022-40898LOW2.7
wheel
0.35.1
fixed in 0.38.1
2.7%
Low-Moderate Risk
Post-Exploit
CVE-2025-8869LOW2.7
pip
20.2.4
fixed in 25.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2025-8869LOW2.7
pip
24.0
fixed in 25.3
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-21147LOW2.66
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
bsdutils
1:2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
fdisk
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
mount
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-28085LOW2.64
util-linux
2.34-0.1ubuntu9.4
fixed in 2.34-0.1ubuntu9.6
2.2%
Low-Moderate Risk
Post-Exploit
CVE-2020-7020LOW2.63
org.elasticsearch:elasticsearch
2.4.3
fixed in 6.8.13, 7.9.2
1.0%
Theoretical Threat
Directly Exposed
CVE-2026-3219LOW2.55
pip
20.2.4
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2026-3219LOW2.55
pip
24.0
fixed in 26.1
0.1%
Theoretical Threat
Post-Exploit
CVE-2023-24816LOW2.52
ipython
7.33.0
fixed in 8.10.0
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-21140LOW2.45
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2024-21145LOW2.45
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2024-21235LOW2.45
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2025-30691LOW2.45
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.5%
Theoretical Threat
Post-Exploit
CVE-2025-30258LOW2.4
gpgv
2.2.19-3ubuntu2.2
fixed in 2.2.19-3ubuntu2.4
0.2%
Theoretical Threat
Post-Exploit
CVE-2024-20945LOW2.4
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-13176LOW2.4
openssl
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.24
0.6%
Theoretical Threat
Post-Exploit
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
8.1.19.v20160209
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
8.2.0.v20160908
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
9.3.27.v20190418
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2022-2047LOW2.29
org.eclipse.jetty:jetty-http
9.4.31.v20200723
fixed in 9.4.47, 10.0.10, 11.0.10
0.9%
Theoretical Threat
Directly Exposed
CVE-2024-20918LOW2.26
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2024-20952LOW2.26
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u402-ga-2ubuntu1~20.04
0.9%
Theoretical Threat
Post-Exploit
CVE-2025-21587LOW2.26
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u452-ga~us1-0ubuntu1~20.04
0.7%
Theoretical Threat
Post-Exploit
CVE-2024-21011LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.4%
Low-Moderate Risk
Post-Exploit
CVE-2024-21068LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-21085LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-21138LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.3%
Low-Moderate Risk
Post-Exploit
CVE-2024-21144LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.1%
Low-Moderate Risk
Post-Exploit
CVE-2024-21208LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
1.0%
Low-Moderate Risk
Post-Exploit
CVE-2024-21217LOW2.22
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
1.2%
Low-Moderate Risk
Post-Exploit
CVE-2024-9143LOW2.22
openssl
1.1.1f-1ubuntu2.21
fixed in 1.1.1f-1ubuntu2.24
6.0%
Low-Moderate Risk
Post-Exploit
CVE-2022-40897LOW2.12
setuptools
50.3.1.post20201107
fixed in 65.5.1
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2022-40897LOW2.12
setuptools
59.8.0
fixed in 65.5.1
2.6%
Low-Moderate Risk
Post-Exploit
CVE-2026-23901LOW2.12
org.apache.shiro:shiro-core
1.7.0
fixed in 2.1.0
0.2%
Theoretical Threat
Directly Exposed
CVE-2026-1703LOW1.99
pip
20.2.4
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2026-1703LOW1.99
pip
24.0
fixed in 26.0
0.4%
Theoretical Threat
Post-Exploit
CVE-2024-21094LOW1.89
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u412-ga-1~20.04.1
0.8%
Theoretical Threat
Post-Exploit
CVE-2024-21131LOW1.89
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u422-b05-1~20.04
1.0%
Theoretical Threat
Post-Exploit
CVE-2024-21210LOW1.89
openjdk-8-jdk-headless
8u392-ga-1~20.04
fixed in 8u432-ga~us1-0ubuntu2~20.04
0.8%
Theoretical Threat
Post-Exploit
CVE-2023-5752LOW1.68
pip
20.2.4
fixed in 23.3
0.5%
Theoretical Threat
Post-Exploit
CVE-2024-37371NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
1.9%
Low-Moderate Risk
Not Applicable
CVE-2024-3596NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.8
14.9%
High Exploitation Risk
Not Applicable
CVE-2024-2961NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.15
88.3%
Actively Exploited
Not Applicable
CVE-2024-33599NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-37370NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.6
0.7%
Theoretical Threat
Not Applicable
CVE-2025-4802NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.18
0.4%
Theoretical Threat
Not Applicable
CVE-2025-24528NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.6%
Theoretical Threat
Not Applicable
CVE-2025-3576NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.11
0.3%
Theoretical Threat
Not Applicable
CVE-2024-26458NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
0.8%
Theoretical Threat
Not Applicable
CVE-2024-26461NONE0
krb5-locales
1.17-6ubuntu4.4
fixed in 1.17-6ubuntu4.9
1.1%
Low-Moderate Risk
Not Applicable
CVE-2025-0395NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.17
0.3%
Theoretical Threat
Not Applicable
CVE-2024-33600NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.2%
Low-Moderate Risk
Not Applicable
CVE-2024-33601NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
1.1%
Low-Moderate Risk
Not Applicable
CVE-2024-33602NONE0
locales
2.31-0ubuntu9.14
fixed in 2.31-0ubuntu9.16
0.4%
Theoretical Threat
Not Applicable
CVE-2025-48924NONE0
commons-lang:commons-lang
2.6
No fix yet
2.2%
Low-Moderate Risk
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.1.3
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.10.1
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.10.3
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.11.2
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.4.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.4.4
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.6.7
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.7.0
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.7.4
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.7.9
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.8.1
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.8.2
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.8.8
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.9.10
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.9.8
fixed in 2.21.1, 2.18.6
Not Applicable
GHSA-72hv-8253-57qqNONE0
com.fasterxml.jackson.core:jackson-core
2.9.9
fixed in 2.21.1, 2.18.6
Not Applicable
CVE-2023-45859NONE0
com.hazelcast:hazelcast
3.10
fixed in 5.2.5, 5.3.5
0.5%
Theoretical Threat
Not Applicable
CVE-2026-25526NONE0
com.hubspot.jinjava:jinjava
2.4.0
fixed in 2.8.3, 2.7.6
0.9%
Theoretical Threat
Not Applicable
CVE-2026-25526NONE0
com.hubspot.jinjava:jinjava
2.4.12
fixed in 2.8.3, 2.7.6
0.9%
Theoretical Threat
Not Applicable
CVE-2026-25526NONE0
com.hubspot.jinjava:jinjava
2.5.4
fixed in 2.8.3, 2.7.6
0.9%
Theoretical Threat
Not Applicable
CVE-2024-36114NONE0
io.airlift:aircompressor
0.10
fixed in 0.27
0.5%
Theoretical Threat
Not Applicable
CVE-2026-42583NONE0
io.netty:netty-codec
4.1.27.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42583NONE0
io.netty:netty-codec
4.1.51.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Not Applicable
CVE-2026-42583NONE0
io.netty:netty-codec
4.1.8.Final
fixed in 4.1.133.Final
0.4%
Theoretical Threat
Not Applicable
GHSA-xpw8-rcwv-8f8pNONE0
io.netty:netty-codec-http2
4.1.0.CR1
fixed in 4.1.100.Final
Not Applicable
GHSA-xpw8-rcwv-8f8pNONE0
io.netty:netty-codec-http2
4.1.27.Final
fixed in 4.1.100.Final
Not Applicable
GHSA-xpw8-rcwv-8f8pNONE0
io.netty:netty-codec-http2
4.1.8.Final
fixed in 4.1.100.Final
Not Applicable
CVE-2026-45205NONE0
org.apache.commons:commons-configuration2
2.7
fixed in 2.15.0
0.5%
Theoretical Threat
Not Applicable
CVE-2025-30474NONE0
org.apache.commons:commons-vfs2
2.6.0
fixed in 2.10.0
0.7%
Theoretical Threat
Not Applicable
CVE-2024-23454NONE0
org.apache.hadoop:hadoop-common
2.3.0
fixed in 3.4.0
0.4%
Theoretical Threat
Not Applicable
CVE-2024-23454NONE0
org.apache.hadoop:hadoop-common
2.5.1
fixed in 3.4.0
0.4%
Theoretical Threat
Not Applicable
CVE-2024-23454NONE0
org.apache.hadoop:hadoop-common
2.6.5
fixed in 3.4.0
0.4%
Theoretical Threat
Not Applicable
CVE-2024-23454NONE0
org.apache.hadoop:hadoop-common
2.7.7
fixed in 3.4.0
0.4%
Theoretical Threat
Not Applicable
CVE-2026-49268NONE0
org.apache.shiro:shiro-core
1.7.0
fixed in 2.2.1, 3.0.0-alpha-2
Not Applicable
CVE-2022-47894NONE0
org.apache.zeppelin:sap
0.10.0
fixed in 0.11.0
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-31866NONE0
org.apache.zeppelin:zeppelin-interpreter
0.10.0
fixed in 0.11.1
1.4%
Low-Moderate Risk
Not Applicable
CVE-2024-31868NONE0
org.apache.zeppelin:zeppelin-interpreter
0.10.0
fixed in 0.11.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-31864NONE0
org.apache.zeppelin:zeppelin-jdbc
0.10.0
fixed in 0.11.1
1.3%
Low-Moderate Risk
Not Applicable
CVE-2024-31860NONE0
org.apache.zeppelin:zeppelin-server
0.10.0
fixed in 0.11.0
1.4%
Low-Moderate Risk
Not Applicable
CVE-2024-31865NONE0
org.apache.zeppelin:zeppelin-server
0.10.0
fixed in 0.11.1
1.7%
Low-Moderate Risk
Not Applicable
CVE-2024-31867NONE0
org.apache.zeppelin:zeppelin-server
0.10.0
fixed in 0.11.1
1.8%
Low-Moderate Risk
Not Applicable
CVE-2024-41177NONE0
org.apache.zeppelin:zeppelin-web
0.10.0
fixed in 0.12.0
0.6%
Theoretical Threat
Not Applicable
GHSA-58qw-p7qm-5rvhNONE0
org.eclipse.jetty:jetty-xml
9.4.31.v20200723
fixed in 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
Not Applicable
GHSA-gj48-438w-jh9vNONE0
bleach
6.1.0
fixed in 6.4.0
Not Applicable
GHSA-8rfp-98v4-mmr6NONE0
bleach
6.1.0
fixed in 6.4.0
Not Applicable
GHSA-537c-gmf6-5ccfNONE0
cryptography
3.2.1
fixed in 48.0.1
Not Applicable
GHSA-5cpq-8wj7-hf2vNONE0
cryptography
3.2.1
fixed in 41.0.0
Not Applicable
GHSA-jm77-qphf-c4w8NONE0
cryptography
3.2.1
fixed in 41.0.3
Not Applicable
GHSA-v8gr-m533-ghj9NONE0
cryptography
3.2.1
fixed in 41.0.4
Not Applicable
CVE-2026-33310NONE0
intake
0.7.0
No fix yet
0.4%
Theoretical Threat
Not Applicable
CVE-2025-30167NONE0
jupyter_core
4.11.1
fixed in 5.8.1
0.1%
Theoretical Threat
Not Applicable
GHSA-6v7p-g79w-8964NONE0
msgpack
1.0.4
fixed in 1.2.1
Not Applicable
CVE-2026-49853NONE0
tornado
6.2
fixed in 6.5.6
Not Applicable
CVE-2026-49855NONE0
tornado
6.2
fixed in 6.5.6
Not Applicable
GHSA-753j-mpmx-qq6gNONE0
tornado
6.2
fixed in 6.4.1
Not Applicable
GHSA-78cv-mqj4-43f7NONE0
tornado
6.2
fixed in 6.5.5
Not Applicable
GHSA-pw6j-qg29-8w7fNONE0
tornado
6.2
fixed in 6.5.7
Not Applicable
GHSA-qppv-j76h-2rpxNONE0
tornado
6.2
fixed in 6.3.3
Not Applicable
GHSA-w235-7p84-xx57NONE0
tornado
6.2
fixed in 6.4.1
Not Applicable
CVE-2026-49854NONE0
tornado
6.2
fixed in 6.5.6
Not Applicable