-
## CVE-2019-16335 - Critical Severity Vulnerability
Vulnerable Library - jackson-databind-2.9.9.1.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: h…
-
Look at using a vulnerability scanner like https://gemnasium.com for identifying vulnerabilities in dependencies.
Additionally, https://snyk.io
-
## CVE-2023-39410 - High Severity Vulnerability
Vulnerable Library - avro-1.7.7.jar
Avro core components
Library home page: http://avro.apache.org
Path to dependency file: /hadoop-mapreduce-project/…
-
The vulnerability in [`local-devices@2.0.0`](https://github.com/cristianstaicu/SecBench.js/tree/efc9da1acc50bceddd40f3ce48d5f0f426feb614/code-injection/local-devices_2.0.0) is mislabeled as code injec…
-
### Description of the feature
This is a request from a particular Gramine user.
There is a C++ application that runs on Gramine in a production environment. Analysis of crashes in production trad…
-
## CVE-2023-44981 - Critical Severity Vulnerability
Vulnerable Library - zookeeper-3.5.6.jar
ZooKeeper server
Library home page: https://www.apache.org/
Path to dependency file: /hadoop-yarn-project…
-
One of the goals of using something like chisel, is to reduce the attack surface of the container image, by not having binaries that are not used by the image but are there and could be exploited by a…
-
## CVE-2021-45046 - Critical Severity Vulnerability
Vulnerable Library - log4j-core-2.9.0.jar
The Apache Log4j Implementation
Library home page: https://www.apache.org/
Path to dependency file: /api…
-
## CVE-2021-44832 - Medium Severity Vulnerability
Vulnerable Library - log4j-core-2.9.0.jar
The Apache Log4j Implementation
Library home page: https://www.apache.org/
Path to dependency file: /api/p…
-
## CVE-2022-42003 - High Severity Vulnerability
Vulnerable Library - jackson-databind-2.9.10.1.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: http…