195 matches found
GHSA-5XRH-QMMQ-W6CH vulnerabilities
Vulnerabilities for packages: trino, celeborn, thingsboard, management-api-for-apache-cassandra-5.0...
CVE-2026-44893 vulnerabilities
Vulnerabilities for packages: trino, neo4j, thingsboard, keycloak, zipkin, apicurio-registry, apache-activemq-artemis, celeborn, management-api-for-apache-cassandra-5.0...
GHSA-C2RX-5R8W-8XR2 vulnerabilities
Vulnerabilities for packages: trino, opensearch, spark...
CVE-2026-46340 vulnerabilities
Vulnerabilities for packages: trino, celeborn, thingsboard, management-api-for-apache-cassandra-5.0...
GHSA-CC37-9Q2J-3HFV vulnerabilities
Vulnerabilities for packages: trino, neo4j, thingsboard, keycloak, zipkin, apicurio-registry, apache-activemq-artemis, celeborn, management-api-for-apache-cassandra-5.0...
CVE-2026-44894 vulnerabilities
Vulnerabilities for packages: spark, opensearch, apache-nifi, trino...
GHSA-CMM3-54F8-PX4J vulnerabilities
Vulnerabilities for packages: spark, opensearch, apache-nifi, trino...
CVE-2026-44892 vulnerabilities
Vulnerabilities for packages: trino, opensearch, spark...
CLEANSTART-2026-EG39405 Netty is an asynchronous, event-driven network application framework
Multiple security vulnerabilities affect the trino package. Netty is an asynchronous, event-driven network application framework. See references for individual vulnerability details...
Malicious Package
Overview @cloudplatform-single-spa/dataplatform-trino is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
CLEANSTART-2026-RM01950 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, ghsa-72hv-8253-57qq applied in versions: 479-r0, 480-r1
Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-2C5C-CHWR-9HQW vulnerabilities
Vulnerabilities for packages: trino, opensearch, spark, druid...
CVE-2026-42582 vulnerabilities
Vulnerabilities for packages: trino, opensearch, spark, druid...
CLEANSTART-2026-HQ78610 Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java
Multiple security vulnerabilities affect the trino package. Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. See references for individual vulnerability details...
CLEANSTART-2026-DO09088 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-72hv-8253-57qq applied in versions: 479-r0
Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-34214
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
CVE-2026-34214
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
EUVD-2026-17459
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
CVE-2026-34214 Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...
CVE-2026-34214 Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON
Trino is a distributed SQL query engine for big data analytics. From version 439 to before version 480, Iceberg connector REST catalog static credentials access key or vended credentials temporary access key are accessible to users that have write privilege on SQL level. This issue has been patch...