feat(hive): add apache hive package #29412
Closed
Octo STS / ci-cve-scan
failed
Oct 4, 2024 in 0s
CVE scan report
CVE scan report
Details
├── 📄 /usr/share/java/hive/jdbc/hive-jdbc-4.0.0-standalone.jar
│ 📦 commons-configuration2 2.8.0 (java-archive)
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│ 📦 dnsjava 2.1.7 (java-archive)
│ High CVE-2024-25638 GHSA-cfxw-4h78-h7fw fixed in 3.6.0
│ High CVE-2024-25638 GHSA-cfxw-4h78-h7fw fixed in 3.6.0
│ 📦 guava 22.0 (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ 📦 jetty-http 9.4.45.v20220203 (java-archive)
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│ 📦 jetty-server 9.4.45.v20220203 (java-archive)
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│ 📦 jetty-xml 9.4.45.v20220203 (java-archive)
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│ 📦 json-io 2.5.1 (java-archive)
│ High CVE-2023-34610 GHSA-779h-3r69-4f5p
│ High CVE-2023-34610 GHSA-779h-3r69-4f5p
│ 📦 nimbus-jose-jwt 9.31 (java-archive)
│ Medium CVE-2023-52428 GHSA-gvpg-vgmx-xg6w fixed in 9.37.2
│ Medium CVE-2023-52428 GHSA-gvpg-vgmx-xg6w fixed in 9.37.2
│ 📦 protobuf-java 3.7.1 (java-archive)
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ 📦 zookeeper 3.8.3 (java-archive)
│ Medium CVE-2024-23944 GHSA-r978-9m6m-6gm6 fixed in 3.8.4
│ Medium CVE-2024-23944 GHSA-r978-9m6m-6gm6 fixed in 3.8.4
│
├── 📄 /usr/share/java/hive/lib/aircompressor-0.21.jar
│ 📦 aircompressor 0.21 (java-archive)
│ High CVE-2024-36114 GHSA-973x-65j7-xcf4 fixed in 0.27
│ High CVE-2024-36114 GHSA-973x-65j7-xcf4 fixed in 0.27
│
├── 📄 /usr/share/java/hive/lib/avatica-1.12.0.jar
│ 📦 avatica-core 1.12.0 (java-archive)
│ High CVE-2022-36364 GHSA-w7f5-jrpr-5c2m fixed in 1.22.0
│ High CVE-2022-36364 GHSA-w7f5-jrpr-5c2m fixed in 1.22.0
│ 📦 httpclient 4.5.2 (java-archive)
│ Medium CVE-2020-13956 GHSA-7r82-7xv7-xcpj fixed in 4.5.13
│ Medium CVE-2020-13956 GHSA-7r82-7xv7-xcpj fixed in 4.5.13
│ 📦 jackson-databind 2.9.4 (java-archive)
│ High CVE-2020-11619 GHSA-27xj-rqx5-2255 fixed in 2.9.10.4
│ High CVE-2020-11619 GHSA-27xj-rqx5-2255 fixed in 2.9.10.4
│ High CVE-2020-25649 GHSA-288c-cq4h-88gq fixed in 2.9.10.7
│ High CVE-2020-25649 GHSA-288c-cq4h-88gq fixed in 2.9.10.7
│ Critical CVE-2018-14719 GHSA-4gq5-ch57-c2mg fixed in 2.9.7
│ Critical CVE-2018-14719 GHSA-4gq5-ch57-c2mg fixed in 2.9.7
│ Critical CVE-2020-8840 GHSA-4w82-r329-3q67 fixed in 2.9.10.3
│ Critical CVE-2020-8840 GHSA-4w82-r329-3q67 fixed in 2.9.10.3
│ High CVE-2020-36518 GHSA-57j2-w4cx-62h2 fixed in 2.12.6.1
│ High CVE-2020-36518 GHSA-57j2-w4cx-62h2 fixed in 2.12.6.1
│ High CVE-2020-11112 GHSA-58pp-9c76-5625 fixed in 2.9.10.4
│ High CVE-2020-11112 GHSA-58pp-9c76-5625 fixed in 2.9.10.4
│ High CVE-2021-20190 GHSA-5949-rw7g-wx7w fixed in 2.9.10.7
│ High CVE-2021-20190 GHSA-5949-rw7g-wx7w fixed in 2.9.10.7
│ Critical CVE-2020-9546 GHSA-5p34-5m6p-p58g fixed in 2.9.10.4
│ Critical CVE-2020-9546 GHSA-5p34-5m6p-p58g fixed in 2.9.10.4
│ High CVE-2020-35728 GHSA-5r5r-6hpj-8gg9 fixed in 2.9.10.8
│ High CVE-2020-35728 GHSA-5r5r-6hpj-8gg9 fixed in 2.9.10.8
│ High CVE-2019-12086 GHSA-5ww9-j83m-q7qx fixed in 2.9.9
│ High CVE-2019-12086 GHSA-5ww9-j83m-q7qx fixed in 2.9.9
│ Critical CVE-2018-14718 GHSA-645p-88qh-w398 fixed in 2.9.7
│ Critical CVE-2018-14718 GHSA-645p-88qh-w398 fixed in 2.9.7
│ Critical CVE-2019-14379 GHSA-6fpp-rgj9-8rwc fixed in 2.9.9.2
│ Critical CVE-2019-14379 GHSA-6fpp-rgj9-8rwc fixed in 2.9.9.2
│ High CVE-2018-12023 GHSA-6wqp-v4v6-c87c fixed in 2.9.6
│ High CVE-2018-12023 GHSA-6wqp-v4v6-c87c fixed in 2.9.6
│ High CVE-2020-10969 GHSA-758m-v56v-grj4 fixed in 2.9.10.4
│ High CVE-2020-10969 GHSA-758m-v56v-grj4 fixed in 2.9.10.4
│ Critical CVE-2019-16335 GHSA-85cw-hj65-qqv9 fixed in 2.9.10
│ Critical CVE-2019-16335 GHSA-85cw-hj65-qqv9 fixed in 2.9.10
│ High CVE-2020-36182 GHSA-89qr-369f-5m5x fixed in 2.9.10.8
│ High CVE-2020-36182 GHSA-89qr-369f-5m5x fixed in 2.9.10.8
│ High CVE-2020-36180 GHSA-8c4j-34r4-xr8g fixed in 2.9.10.8
│ High CVE-2020-36180 GHSA-8c4j-34r4-xr8g fixed in 2.9.10.8
│ High CVE-2020-36185 GHSA-8w26-6f25-cm9x fixed in 2.9.10.8
│ High CVE-2020-36185 GHSA-8w26-6f25-cm9x fixed in 2.9.10.8
│ High CVE-2020-10672 GHSA-95cm-88f5-f2c7 fixed in 2.9.10.4
│ High CVE-2020-10672 GHSA-95cm-88f5-f2c7 fixed in 2.9.10.4
│ High CVE-2020-36179 GHSA-9gph-22xh-8x98 fixed in 2.9.10.8
│ High CVE-2020-36179 GHSA-9gph-22xh-8x98 fixed in 2.9.10.8
│ High CVE-2020-36183 GHSA-9m6f-7xcq-8vf8 fixed in 2.9.10.8
│ High CVE-2020-36183 GHSA-9m6f-7xcq-8vf8 fixed in 2.9.10.8
│ Critical CVE-2018-14721 GHSA-9mxf-g3x6-wv74 fixed in 2.9.7
│ Critical CVE-2018-14721 GHSA-9mxf-g3x6-wv74 fixed in 2.9.7
│ High CVE-2020-11113 GHSA-9vvp-fxw6-jcxr fixed in 2.9.10.4
│ High CVE-2020-11113 GHSA-9vvp-fxw6-jcxr fixed in 2.9.10.4
│ High CVE-2020-14062 GHSA-c265-37vj-cwcc fixed in 2.9.10.5
│ High CVE-2020-14062 GHSA-c265-37vj-cwcc fixed in 2.9.10.5
│ High CVE-2020-14061 GHSA-c2q3-4qrh-fm48 fixed in 2.9.10.5
│ High CVE-2020-14061 GHSA-c2q3-4qrh-fm48 fixed in 2.9.10.5
│ Critical CVE-2018-19362 GHSA-c8hm-7hpq-7jhg fixed in 2.9.8
│ Critical CVE-2018-19362 GHSA-c8hm-7hpq-7jhg fixed in 2.9.8
│ High CVE-2019-14892 GHSA-cf6r-3wgc-h863 fixed in 2.9.10
│ High CVE-2019-14892 GHSA-cf6r-3wgc-h863 fixed in 2.9.10
│ Critical CVE-2018-7489 GHSA-cggj-fvv3-cqwv fixed in 2.9.5
│ Critical CVE-2018-7489 GHSA-cggj-fvv3-cqwv fixed in 2.9.5
│ High CVE-2018-12022 GHSA-cjjf-94ff-43w7 fixed in 2.9.6
│ High CVE-2018-12022 GHSA-cjjf-94ff-43w7 fixed in 2.9.6
│ Medium CVE-2019-12814 GHSA-cmfg-87vq-g5g4 fixed in 2.9.9.1
│ Medium CVE-2019-12814 GHSA-cmfg-87vq-g5g4 fixed in 2.9.9.1
│ High CVE-2020-36181 GHSA-cvm9-fjm9-3572 fixed in 2.9.10.8
│ High CVE-2020-36181 GHSA-cvm9-fjm9-3572 fixed in 2.9.10.8
│ Critical CVE-2019-17267 GHSA-f3j5-rmmp-3fc5 fixed in 2.9.10
│ Critical CVE-2019-17267 GHSA-f3j5-rmmp-3fc5 fixed in 2.9.10
│ Critical CVE-2018-19360 GHSA-f9hv-mg5h-xcw9 fixed in 2.9.8
│ Critical CVE-2018-19360 GHSA-f9hv-mg5h-xcw9 fixed in 2.9.8
│ High CVE-2020-36188 GHSA-f9xh-2qgp-cq57 fixed in 2.9.10.8
│ High CVE-2020-36188 GHSA-f9xh-2qgp-cq57 fixed in 2.9.10.8
│ Critical CVE-2019-16943 GHSA-fmmc-742q-jg75 fixed in 2.9.10.1
│ Critical CVE-2019-16943 GHSA-fmmc-742q-jg75 fixed in 2.9.10.1
│ High CVE-2020-10673 GHSA-fqwf-pjwf-7vqv fixed in 2.9.10.4
│ High CVE-2020-10673 GHSA-fqwf-pjwf-7vqv fixed in 2.9.10.4
│ Critical CVE-2019-17531 GHSA-gjmw-vf9h-g25v fixed in 2.9.10.1
│ Critical CVE-2019-17531 GHSA-gjmw-vf9h-g25v fixed in 2.9.10.1
│ High CVE-2019-14439 GHSA-gwp4-hfv6-p7hw fixed in 2.9.9.2
│ High CVE-2019-14439 GHSA-gwp4-hfv6-p7hw fixed in 2.9.9.2
│ Critical CVE-2019-20330 GHSA-gww7-p5w4-wrfv fixed in 2.9.10.2
│ Critical CVE-2019-20330 GHSA-gww7-p5w4-wrfv fixed in 2.9.10.2
│ High CVE-2020-24616 GHSA-h3cw-g4mq-c5x2 fixed in 2.9.10.6
│ High CVE-2020-24616 GHSA-h3cw-g4mq-c5x2 fixed in 2.9.10.6
│ High CVE-2020-11620 GHSA-h4rc-386g-6m85 fixed in 2.9.10.4
│ High CVE-2020-11620 GHSA-h4rc-386g-6m85 fixed in 2.9.10.4
│ Critical CVE-2019-14540 GHSA-h822-r4r5-v8jg fixed in 2.9.10
│ Critical CVE-2019-14540 GHSA-h822-r4r5-v8jg fixed in 2.9.10
│ High CVE-2020-14060 GHSA-j823-4qch-3rgm fixed in 2.9.10.5
│ High CVE-2020-14060 GHSA-j823-4qch-3rgm fixed in 2.9.10.5
│ High CVE-2022-42003 GHSA-jjjh-jjxp-wpff fixed in 2.12.7.1
│ High CVE-2022-42003 GHSA-jjjh-jjxp-wpff fixed in 2.12.7.1
│ High CVE-2020-36184 GHSA-m6x4-97wx-4q27 fixed in 2.9.10.8
│ High CVE-2020-36184 GHSA-m6x4-97wx-4q27 fixed in 2.9.10.8
│ High CVE-2020-14195 GHSA-mc6h-4qgp-37qh fixed in 2.9.10.5
│ High CVE-2020-14195 GHSA-mc6h-4qgp-37qh fixed in 2.9.10.5
│ Medium CVE-2019-12384 GHSA-mph4-vhrx-mv67 fixed in 2.9.9.1
│ Medium CVE-2019-12384 GHSA-mph4-vhrx-mv67 fixed in 2.9.9.1
│ Critical CVE-2019-16942 GHSA-mx7p-6679-8g3q fixed in 2.9.10.1
│ Critical CVE-2019-16942 GHSA-mx7p-6679-8g3q fixed in 2.9.10.1
│ Critical CVE-2018-19361 GHSA-mx9v-gmh4-mgqw fixed in 2.9.8
│ Critical CVE-2018-19361 GHSA-mx9v-gmh4-mgqw fixed in 2.9.8
│ Critical CVE-2020-9548 GHSA-p43x-xfjf-5jhr fixed in 2.9.10.4
│ Critical CVE-2020-9548 GHSA-p43x-xfjf-5jhr fixed in 2.9.10.4
│ Critical CVE-2020-9547 GHSA-q93h-jc49-78gg fixed in 2.9.10.4
│ Critical CVE-2020-9547 GHSA-q93h-jc49-78gg fixed in 2.9.10.4
│ High CVE-2020-24750 GHSA-qjw2-hr98-qgfh fixed in 2.9.10.6
│ High CVE-2020-24750 GHSA-qjw2-hr98-qgfh fixed in 2.9.10.6
│ High CVE-2019-14893 GHSA-qmqc-x3r4-6v39 fixed in 2.9.10
│ High CVE-2019-14893 GHSA-qmqc-x3r4-6v39 fixed in 2.9.10
│ Critical CVE-2018-11307 GHSA-qr7j-h6gg-jmgc fixed in 2.9.6
│ Critical CVE-2018-11307 GHSA-qr7j-h6gg-jmgc fixed in 2.9.6
│ High CVE-2020-35491 GHSA-r3gr-cxrf-hg25 fixed in 2.9.10.8
│ High CVE-2020-35491 GHSA-r3gr-cxrf-hg25 fixed in 2.9.10.8
│ High CVE-2020-36187 GHSA-r695-7vr9-jgc2 fixed in 2.9.10.8
│ High CVE-2020-36187 GHSA-r695-7vr9-jgc2 fixed in 2.9.10.8
│ High CVE-2020-10968 GHSA-rf6r-2c4q-2vwg fixed in 2.9.10.4
│ High CVE-2020-10968 GHSA-rf6r-2c4q-2vwg fixed in 2.9.10.4
│ High CVE-2022-42004 GHSA-rgv9-q543-rqg4 fixed in 2.12.7.1
│ High CVE-2022-42004 GHSA-rgv9-q543-rqg4 fixed in 2.12.7.1
│ High CVE-2020-10650 GHSA-rpr3-cw39-3pxh fixed in 2.9.10.4
│ High CVE-2020-10650 GHSA-rpr3-cw39-3pxh fixed in 2.9.10.4
│ High CVE-2020-11111 GHSA-v3xw-c963-f5hc fixed in 2.9.10.4
│ High CVE-2020-11111 GHSA-v3xw-c963-f5hc fixed in 2.9.10.4
│ High CVE-2020-36186 GHSA-v585-23hc-c647 fixed in 2.9.10.8
│ High CVE-2020-36186 GHSA-v585-23hc-c647 fixed in 2.9.10.8
│ High CVE-2020-36189 GHSA-vfqx-33qm-g869 fixed in 2.9.10.8
│ High CVE-2020-36189 GHSA-vfqx-33qm-g869 fixed in 2.9.10.8
│ High CVE-2020-35490 GHSA-wh8g-3j2c-rqj5 fixed in 2.9.10.8
│ High CVE-2020-35490 GHSA-wh8g-3j2c-rqj5 fixed in 2.9.10.8
│ Critical CVE-2018-14720 GHSA-x2w5-5m2g-7h5m fixed in 2.9.7
│ Critical CVE-2018-14720 GHSA-x2w5-5m2g-7h5m fixed in 2.9.7
│ 📦 protobuf-java 3.3.0 (java-archive)
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│
├── 📄 /usr/share/java/hive/lib/bcprov-jdk18on-1.77.jar
│ 📦 bcprov-jdk18on 1.77 (java-archive)
│ Low CVE-2024-34447 GHSA-4h8f-2wvx-gg5w fixed in 1.78
│ Low CVE-2024-34447 GHSA-4h8f-2wvx-gg5w fixed in 1.78
│ Medium CVE-2024-29857 GHSA-8xfc-gm6g-vgpv fixed in 1.78
│ Medium CVE-2024-29857 GHSA-8xfc-gm6g-vgpv fixed in 1.78
│ Medium CVE-2024-30172 GHSA-m44j-cfrm-g8qc fixed in 1.78
│ Medium CVE-2024-30172 GHSA-m44j-cfrm-g8qc fixed in 1.78
│ Medium CVE-2024-30171 GHSA-v435-xc8x-wvr9 fixed in 1.78
│ Medium CVE-2024-30171 GHSA-v435-xc8x-wvr9 fixed in 1.78
│
├── 📄 /usr/share/java/hive/lib/commons-compress-1.23.0.jar
│ 📦 commons-compress 1.23.0 (java-archive)
│ Medium CVE-2024-26308 GHSA-4265-ccf5-phj5 fixed in 1.26.0
│ Medium CVE-2024-26308 GHSA-4265-ccf5-phj5 fixed in 1.26.0
│ High CVE-2024-25710 GHSA-4g9r-vxhx-9pgx fixed in 1.26.0
│ High CVE-2024-25710 GHSA-4g9r-vxhx-9pgx fixed in 1.26.0
│ Medium CVE-2023-42503 GHSA-cgwf-w82q-5jrr fixed in 1.24.0
│ Medium CVE-2023-42503 GHSA-cgwf-w82q-5jrr fixed in 1.24.0
│
├── 📄 /usr/share/java/hive/lib/commons-configuration2-2.8.0.jar
│ 📦 commons-configuration2 2.8.0 (java-archive)
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│
├── 📄 /usr/share/java/hive/lib/commons-io-2.12.0.jar
│ 📦 commons-io 2.12.0 (java-archive)
│ High CVE-2024-47554 GHSA-78wr-2p64-hpwj fixed in 2.14.0
│ High CVE-2024-47554 GHSA-78wr-2p64-hpwj fixed in 2.14.0
│
├── 📄 /usr/share/java/hive/lib/derby-10.14.2.0.jar
│ 📦 derby 10.14.2.0 (java-archive)
│ Critical CVE-2022-46337 GHSA-rcjc-c4pj-xxrp fixed in 10.14.3
│ Critical CVE-2022-46337 GHSA-rcjc-c4pj-xxrp fixed in 10.14.3
│
├── 📄 /usr/share/java/hive/lib/grpc-protobuf-1.51.0.jar
│ 📦 grpc-protobuf 1.51.0 (java-archive)
│ High CVE-2023-1428 GHSA-6628-q6j9-w8vg fixed in 1.53.0
│ High CVE-2023-1428 GHSA-6628-q6j9-w8vg fixed in 1.53.0
│ Medium CVE-2023-32732 GHSA-9hxf-ppjv-w6rq fixed in 1.53.0
│ Medium CVE-2023-32732 GHSA-9hxf-ppjv-w6rq fixed in 1.53.0
│ High CVE-2023-32731 GHSA-cfgp-2977-2fmm fixed in 1.53.0
│ High CVE-2023-32731 GHSA-cfgp-2977-2fmm fixed in 1.53.0
│
├── 📄 /usr/share/java/hive/lib/guava-22.0.jar
│ 📦 guava 22.0 (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│
├── 📄 /usr/share/java/hive/lib/hive-druid-handler-4.0.0.jar
│ 📦 commons-compress 1.23.0 (java-archive)
│ Medium CVE-2024-26308 GHSA-4265-ccf5-phj5 fixed in 1.26.0
│ Medium CVE-2024-26308 GHSA-4265-ccf5-phj5 fixed in 1.26.0
│ High CVE-2024-25710 GHSA-4g9r-vxhx-9pgx fixed in 1.26.0
│ High CVE-2024-25710 GHSA-4g9r-vxhx-9pgx fixed in 1.26.0
│ Medium CVE-2023-42503 GHSA-cgwf-w82q-5jrr fixed in 1.24.0
│ Medium CVE-2023-42503 GHSA-cgwf-w82q-5jrr fixed in 1.24.0
│ 📦 commons-configuration2 2.8.0 (java-archive)
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29133 GHSA-9w38-p64v-xpmv fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│ Medium CVE-2024-29131 GHSA-xjp4-hw94-mvp5 fixed in 2.10.1
│ 📦 druid-core 0.17.1 (java-archive)
│ Medium CVE-2021-26920 GHSA-793h-6f7r-6qvm fixed in 0.21.0
│ Medium CVE-2021-26920 GHSA-793h-6f7r-6qvm fixed in 0.21.0
│ Medium CVE-2021-36749 GHSA-9p5g-vg43-mj5r fixed in 0.22.0
│ Medium CVE-2021-36749 GHSA-9p5g-vg43-mj5r fixed in 0.22.0
│ 📦 guava 16.0.1 (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ 📦 netty 3.10.5.Final (java-archive)
│ Medium CVE-2021-21290 GHSA-5mcr-gq6c-3hq2
│ Medium CVE-2021-21290 GHSA-5mcr-gq6c-3hq2
│ High CVE-2021-37137 GHSA-9vjp-v76f-g363
│ High CVE-2021-37137 GHSA-9vjp-v76f-g363
│ Critical CVE-2019-20444 GHSA-cqqj-4p63-rrmm
│ Critical CVE-2019-20444 GHSA-cqqj-4p63-rrmm
│ Medium CVE-2021-21409 GHSA-f256-j965-7f32
│ Medium CVE-2021-21409 GHSA-f256-j965-7f32
│ High CVE-2021-37136 GHSA-grg4-wf29-r9vv
│ High CVE-2021-37136 GHSA-grg4-wf29-r9vv
│ Medium CVE-2019-20445 GHSA-p2v9-g2qv-p635
│ Medium CVE-2019-20445 GHSA-p2v9-g2qv-p635
│ Medium CVE-2021-21295 GHSA-wm47-8v5p-wjpj
│ Medium CVE-2021-21295 GHSA-wm47-8v5p-wjpj
│ Medium CVE-2021-43797 GHSA-wx5j-54mm-rqqq
│ Medium CVE-2021-43797 GHSA-wx5j-54mm-rqqq
│
├── 📄 /usr/share/java/hive/lib/hive-exec-4.0.0.jar
│ 📦 aircompressor 0.21 (java-archive)
│ High CVE-2024-36114 GHSA-973x-65j7-xcf4 fixed in 0.27
│ High CVE-2024-36114 GHSA-973x-65j7-xcf4 fixed in 0.27
│ 📦 avatica-core 1.12.0 (java-archive)
│ High CVE-2022-36364 GHSA-w7f5-jrpr-5c2m fixed in 1.22.0
│ High CVE-2022-36364 GHSA-w7f5-jrpr-5c2m fixed in 1.22.0
│ 📦 guava 22.0 (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ Medium CVE-2018-10237 GHSA-mvr2-9pj6-7w5j fixed in 24.1.1-android
│ 📦 httpclient 4.5.2 (java-archive)
│ Medium CVE-2020-13956 GHSA-7r82-7xv7-xcpj fixed in 4.5.13
│ Medium CVE-2020-13956 GHSA-7r82-7xv7-xcpj fixed in 4.5.13
│ 📦 protobuf-java 3.3.0 (java-archive)
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│
├── 📄 /usr/share/java/hive/lib/hive-kudu-handler-4.0.0.jar
│ 📦 guava 28.2-jre (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ 📦 protobuf-java 3.11.3 (java-archive)
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│
├── 📄 /usr/share/java/hive/lib/htrace-core-3.1.0-incubating.jar
│ 📦 jackson-databind 2.4.0 (java-archive)
│ Critical CVE-2018-14719 GHSA-4gq5-ch57-c2mg fixed in 2.7.9.5
│ Critical CVE-2018-14719 GHSA-4gq5-ch57-c2mg fixed in 2.7.9.5
│ Critical CVE-2020-8840 GHSA-4w82-r329-3q67 fixed in 2.6.7.4
│ Critical CVE-2020-8840 GHSA-4w82-r329-3q67 fixed in 2.6.7.4
│ High CVE-2020-36518 GHSA-57j2-w4cx-62h2 fixed in 2.12.6.1
│ High CVE-2020-36518 GHSA-57j2-w4cx-62h2 fixed in 2.12.6.1
│ High CVE-2021-20190 GHSA-5949-rw7g-wx7w fixed in 2.6.7.5
│ High CVE-2021-20190 GHSA-5949-rw7g-wx7w fixed in 2.6.7.5
│ High CVE-2020-35728 GHSA-5r5r-6hpj-8gg9 fixed in 2.9.10.8
│ High CVE-2020-35728 GHSA-5r5r-6hpj-8gg9 fixed in 2.9.10.8
│ High CVE-2019-12086 GHSA-5ww9-j83m-q7qx fixed in 2.6.7.3
│ High CVE-2019-12086 GHSA-5ww9-j83m-q7qx fixed in 2.6.7.3
│ Critical CVE-2018-14718 GHSA-645p-88qh-w398 fixed in 2.6.7.3
│ Critical CVE-2018-14718 GHSA-645p-88qh-w398 fixed in 2.6.7.3
│ Critical CVE-2019-14379 GHSA-6fpp-rgj9-8rwc fixed in 2.7.9.6
│ Critical CVE-2019-14379 GHSA-6fpp-rgj9-8rwc fixed in 2.7.9.6
│ Critical CVE-2019-16335 GHSA-85cw-hj65-qqv9 fixed in 2.6.7.3
│ Critical CVE-2019-16335 GHSA-85cw-hj65-qqv9 fixed in 2.6.7.3
│ High CVE-2020-36182 GHSA-89qr-369f-5m5x fixed in 2.6.7.5
│ High CVE-2020-36182 GHSA-89qr-369f-5m5x fixed in 2.6.7.5
│ High CVE-2020-36180 GHSA-8c4j-34r4-xr8g fixed in 2.6.7.5
│ High CVE-2020-36180 GHSA-8c4j-34r4-xr8g fixed in 2.6.7.5
│ High CVE-2020-36185 GHSA-8w26-6f25-cm9x fixed in 2.9.10.8
│ High CVE-2020-36185 GHSA-8w26-6f25-cm9x fixed in 2.9.10.8
│ High CVE-2020-36179 GHSA-9gph-22xh-8x98 fixed in 2.6.7.5
│ High CVE-2020-36179 GHSA-9gph-22xh-8x98 fixed in 2.6.7.5
│ High CVE-2020-36183 GHSA-9m6f-7xcq-8vf8 fixed in 2.6.7.5
│ High CVE-2020-36183 GHSA-9m6f-7xcq-8vf8 fixed in 2.6.7.5
│ Critical CVE-2018-19362 GHSA-c8hm-7hpq-7jhg fixed in 2.6.7.3
│ Critical CVE-2018-19362 GHSA-c8hm-7hpq-7jhg fixed in 2.6.7.3
│ High CVE-2019-14892 GHSA-cf6r-3wgc-h863 fixed in 2.6.7.3
│ High CVE-2019-14892 GHSA-cf6r-3wgc-h863 fixed in 2.6.7.3
│ Critical CVE-2018-7489 GHSA-cggj-fvv3-cqwv fixed in 2.6.7.5
│ Critical CVE-2018-7489 GHSA-cggj-fvv3-cqwv fixed in 2.6.7.5
│ High CVE-2018-12022 GHSA-cjjf-94ff-43w7 fixed in 2.7.9.4
│ High CVE-2018-12022 GHSA-cjjf-94ff-43w7 fixed in 2.7.9.4
│ Medium CVE-2019-12814 GHSA-cmfg-87vq-g5g4 fixed in 2.6.7.3
│ Medium CVE-2019-12814 GHSA-cmfg-87vq-g5g4 fixed in 2.6.7.3
│ High CVE-2020-36181 GHSA-cvm9-fjm9-3572 fixed in 2.6.7.5
│ High CVE-2020-36181 GHSA-cvm9-fjm9-3572 fixed in 2.6.7.5
│ Critical CVE-2019-17267 GHSA-f3j5-rmmp-3fc5 fixed in 2.8.11.5
│ Critical CVE-2019-17267 GHSA-f3j5-rmmp-3fc5 fixed in 2.8.11.5
│ High CVE-2020-36188 GHSA-f9xh-2qgp-cq57 fixed in 2.6.7.5
│ High CVE-2020-36188 GHSA-f9xh-2qgp-cq57 fixed in 2.6.7.5
│ Critical CVE-2019-16943 GHSA-fmmc-742q-jg75 fixed in 2.6.7.3
│ Critical CVE-2019-16943 GHSA-fmmc-742q-jg75 fixed in 2.6.7.3
│ High CVE-2020-10673 GHSA-fqwf-pjwf-7vqv fixed in 2.6.7.4
│ High CVE-2020-10673 GHSA-fqwf-pjwf-7vqv fixed in 2.6.7.4
│ Critical CVE-2019-17531 GHSA-gjmw-vf9h-g25v fixed in 2.6.7.3
│ Critical CVE-2019-17531 GHSA-gjmw-vf9h-g25v fixed in 2.6.7.3
│ High CVE-2019-14439 GHSA-gwp4-hfv6-p7hw fixed in 2.6.7.3
│ High CVE-2019-14439 GHSA-gwp4-hfv6-p7hw fixed in 2.6.7.3
│ Critical CVE-2019-20330 GHSA-gww7-p5w4-wrfv fixed in 2.6.7.4
│ Critical CVE-2019-20330 GHSA-gww7-p5w4-wrfv fixed in 2.6.7.4
│ High CVE-2020-24616 GHSA-h3cw-g4mq-c5x2 fixed in 2.9.10.6
│ High CVE-2020-24616 GHSA-h3cw-g4mq-c5x2 fixed in 2.9.10.6
│ Critical CVE-2017-15095 GHSA-h592-38cm-4ggp fixed in 2.6.7.3
│ Critical CVE-2017-15095 GHSA-h592-38cm-4ggp fixed in 2.6.7.3
│ Critical CVE-2019-14540 GHSA-h822-r4r5-v8jg fixed in 2.6.7.3
│ Critical CVE-2019-14540 GHSA-h822-r4r5-v8jg fixed in 2.6.7.3
│ High CVE-2022-42003 GHSA-jjjh-jjxp-wpff fixed in 2.12.7.1
│ High CVE-2022-42003 GHSA-jjjh-jjxp-wpff fixed in 2.12.7.1
│ High CVE-2020-36184 GHSA-m6x4-97wx-4q27 fixed in 2.9.10.8
│ High CVE-2020-36184 GHSA-m6x4-97wx-4q27 fixed in 2.9.10.8
│ Medium CVE-2019-12384 GHSA-mph4-vhrx-mv67 fixed in 2.6.7.3
│ Medium CVE-2019-12384 GHSA-mph4-vhrx-mv67 fixed in 2.6.7.3
│ Critical CVE-2019-16942 GHSA-mx7p-6679-8g3q fixed in 2.6.7.3
│ Critical CVE-2019-16942 GHSA-mx7p-6679-8g3q fixed in 2.6.7.3
│ Critical CVE-2020-9548 GHSA-p43x-xfjf-5jhr fixed in 2.7.9.7
│ Critical CVE-2020-9548 GHSA-p43x-xfjf-5jhr fixed in 2.7.9.7
│ Critical CVE-2020-9547 GHSA-q93h-jc49-78gg fixed in 2.7.9.7
│ Critical CVE-2020-9547 GHSA-q93h-jc49-78gg fixed in 2.7.9.7
│ High CVE-2020-24750 GHSA-qjw2-hr98-qgfh fixed in 2.6.7.5
│ High CVE-2020-24750 GHSA-qjw2-hr98-qgfh fixed in 2.6.7.5
│ Critical CVE-2018-11307 GHSA-qr7j-h6gg-jmgc fixed in 2.7.9.4
│ Critical CVE-2018-11307 GHSA-qr7j-h6gg-jmgc fixed in 2.7.9.4
│ Critical CVE-2017-7525 GHSA-qxxx-2pp7-5hmx fixed in 2.6.7.1
│ Critical CVE-2017-7525 GHSA-qxxx-2pp7-5hmx fixed in 2.6.7.1
│ High CVE-2020-35491 GHSA-r3gr-cxrf-hg25 fixed in 2.9.10.8
│ High CVE-2020-35491 GHSA-r3gr-cxrf-hg25 fixed in 2.9.10.8
│ High CVE-2020-36187 GHSA-r695-7vr9-jgc2 fixed in 2.9.10.8
│ High CVE-2020-36187 GHSA-r695-7vr9-jgc2 fixed in 2.9.10.8
│ Critical CVE-2017-17485 GHSA-rfx6-vp9g-rh7v fixed in 2.7.9.2
│ Critical CVE-2017-17485 GHSA-rfx6-vp9g-rh7v fixed in 2.7.9.2
│ High CVE-2022-42004 GHSA-rgv9-q543-rqg4 fixed in 2.12.7.1
│ High CVE-2022-42004 GHSA-rgv9-q543-rqg4 fixed in 2.12.7.1
│ High CVE-2020-10650 GHSA-rpr3-cw39-3pxh fixed in 2.9.10.4
│ High CVE-2020-10650 GHSA-rpr3-cw39-3pxh fixed in 2.9.10.4
│ High CVE-2020-36186 GHSA-v585-23hc-c647 fixed in 2.9.10.8
│ High CVE-2020-36186 GHSA-v585-23hc-c647 fixed in 2.9.10.8
│ High CVE-2020-36189 GHSA-vfqx-33qm-g869 fixed in 2.6.7.5
│ High CVE-2020-36189 GHSA-vfqx-33qm-g869 fixed in 2.6.7.5
│ High CVE-2018-5968 GHSA-w3f4-3q6j-rh82 fixed in 2.7.9.5
│ High CVE-2018-5968 GHSA-w3f4-3q6j-rh82 fixed in 2.7.9.5
│ High CVE-2020-35490 GHSA-wh8g-3j2c-rqj5 fixed in 2.9.10.8
│ High CVE-2020-35490 GHSA-wh8g-3j2c-rqj5 fixed in 2.9.10.8
│
├── 📄 /usr/share/java/hive/lib/jetty-http-9.4.45.v20220203.jar
│ 📦 jetty-http 9.4.45.v20220203 (java-archive)
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│
├── 📄 /usr/share/java/hive/lib/jetty-runner-9.4.45.v20220203.jar
│ 📦 jetty-http 9.4.45.v20220203 (java-archive)
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Low CVE-2022-2047 GHSA-cj7v-27pg-wf7q fixed in 9.4.47
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│ Medium CVE-2023-40167 GHSA-hmr7-m48g-48f6 fixed in 9.4.52
│ 📦 jetty-server 9.4.45.v20220203 (java-archive)
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│ 📦 jetty-xml 9.4.45.v20220203 (java-archive)
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│
├── 📄 /usr/share/java/hive/lib/jetty-server-9.4.45.v20220203.jar
│ 📦 jetty-server 9.4.45.v20220203 (java-archive)
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Low CVE-2023-26049 GHSA-p26g-97m4-6q7c fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│ Medium CVE-2023-26048 GHSA-qw69-rqj8-6qw8 fixed in 9.4.51.v20230217
│
├── 📄 /usr/share/java/hive/lib/jetty-xml-9.4.45.v20220203.jar
│ 📦 jetty-xml 9.4.45.v20220203 (java-archive)
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│ Low GHSA-58qw-p7qm-5rvh fixed in 9.4.52.v20230823
│
├── 📄 /usr/share/java/hive/lib/kafka-clients-2.5.0.jar
│ 📦 kafka-clients 2.5.0 (java-archive)
│ Medium CVE-2021-38153 GHSA-3j6g-hxx5-3q26 fixed in 2.6.3
│ Medium CVE-2021-38153 GHSA-3j6g-hxx5-3q26 fixed in 2.6.3
│
├── 📄 /usr/share/java/hive/lib/kudu-client-1.12.0.jar
│ 📦 guava 28.2-jre (java-archive)
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Low CVE-2020-8908 GHSA-5mg8-w23w-74h3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ Medium CVE-2023-2976 GHSA-7g45-4rm6-3mm3 fixed in 32.0.0-android
│ 📦 protobuf-java 3.11.3 (java-archive)
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2022-3510 GHSA-4gg5-vx3j-xwc7 fixed in 3.16.3
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2021-22570 GHSA-77rm-9x9h-xj3g fixed in 3.15.0
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ High CVE-2022-3509 GHSA-g5ww-5jh7-63cx fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ Medium CVE-2022-3171 GHSA-h4h5-3hr4-j3g2 fixed in 3.16.3
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│ High CVE-2021-22569 GHSA-wrvw-hg22-4m67 fixed in 3.16.1
│
├── 📄 /usr/share/java/hive/lib/netty-3.10.5.Final.jar
│ 📦 netty 3.10.5.Final (java-archive)
│ Medium CVE-2021-21290 GHSA-5mcr-gq6c-3hq2
│ Medium CVE-2021-21290 GHSA-5mcr-gq6c-3hq2
│ High CVE-2021-37137 GHSA-9vjp-v76f-g363
│ High CVE-2021-37137 GHSA-9vjp-v76f-g363
│ Critical CVE-2019-20444 GHSA-cqqj-4p63-rrmm
│ Critical CVE-2019-20444 GHSA-cqqj-4p63-rrmm
│ Medium CVE-2021-21409 GHSA-f256-j965-7f32
│ Medium CVE-2021-21409 GHSA-f256-j965-7f32
│ High CVE-2021-37136 GHSA-grg4-wf29-r9vv
│ High CVE-2021-37136 GHSA-grg4-wf29-r9vv
│ Medium CVE-2019-20445 GHSA-p2v9-g2qv-p635
│ Medium CVE-2019-20445 GHSA-p2v9-g2qv-p635
│ Medium CVE-2021-21295 GHSA-wm47-8v5p-wjpj
│ Medium CVE-2021-21295 GHSA-wm47-8v5p-wjpj
│ Medium CVE-2021-43797 GHSA-wx5j-54mm-rqqq
│ Medium CVE-2021-43797 GHSA-wx5j-54mm-rqqq
│
├── 📄 /usr/share/java/hive/lib/netty-codec-haproxy-4.1.77.Final.jar
│ 📦 netty-codec-haproxy 4.1.77.Final (java-archive)
│ Medium CVE-2022-41881 GHSA-fx2c-96vj-985v fixed in 4.1.86.Final
│ Medium CVE-2022-41881 GHSA-fx2c-96vj-985v fixed in 4.1.86.Final
│
├── 📄 /usr/share/java/hive/lib/netty-codec-http-4.1.77.Final.jar
│ 📦 netty-codec-http 4.1.77.Final (java-archive)
│ Medium CVE-2024-29025 GHSA-5jpm-x58v-624v fixed in 4.1.108.Final
│ Medium CVE-2024-29025 GHSA-5jpm-x58v-624v fixed in 4.1.108.Final
│
├── 📄 /usr/share/java/hive/lib/netty-codec-http2-4.1.77.Final.jar
│ 📦 netty-codec-http2 4.1.77.Final (java-archive)
│ High GHSA-xpw8-rcwv-8f8p fixed in 4.1.100.Final
│ High GHSA-xpw8-rcwv-8f8p fixed in 4.1.100.Final
│
├── 📄 /usr/share/java/hive/lib/nimbus-jose-jwt-9.31.jar
│ 📦 nimbus-jose-jwt 9.31 (java-archive)
│ Medium CVE-2023-52428 GHSA-gvpg-vgmx-xg6w fixed in 9.37.2
│ Medium CVE-2023-52428 GHSA-gvpg-vgmx-xg6w fixed in 9.37.2
│
├── 📄 /usr/share/java/hive/lib/protobuf-java-3.24.4.jar
│ 📦 protobuf-java 3.24.4 (java-archive)
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│ High CVE-2024-7254 GHSA-735f-pc8j-v9w8 fixed in 3.25.5
│
├── 📄 /usr/share/java/hive/lib/spring-expression-5.3.21.jar
│ 📦 spring-expression 5.3.21 (java-archive)
│ Medium CVE-2023-20861 GHSA-564r-hj7v-mcr5 fixed in 5.3.26
│ Medium CVE-2023-20861 GHSA-564r-hj7v-mcr5 fixed in 5.3.26
│ Medium CVE-2024-38808 GHSA-9cmq-m9j5-mvww fixed in 5.3.39
│ Medium CVE-2024-38808 GHSA-9cmq-m9j5-mvww fixed in 5.3.39
│ High CVE-2023-20863 GHSA-wxqc-pxw9-g2p8 fixed in 5.3.27
│ High CVE-2023-20863 GHSA-wxqc-pxw9-g2p8 fixed in 5.3.27
│
├── 📄 /usr/share/java/hive/lib/velocity-engine-core-2.3.jar
│ 📦 commons-io 2.8.0 (java-archive)
│ High CVE-2024-47554 GHSA-78wr-2p64-hpwj fixed in 2.14.0
│ High CVE-2024-47554 GHSA-78wr-2p64-hpwj fixed in 2.14.0
│
└── 📄 /usr/share/java/hive/lib/zookeeper-3.8.3.jar
📦 zookeeper 3.8.3 (java-archive)
Medium CVE-2024-23944 GHSA-r978-9m6m-6gm6 fixed in 3.8.4
Medium CVE-2024-23944 GHSA-r978-9m6m-6gm6 fixed in 3.8.4
Loading