16 matches found
ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2498 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.0.0.Beta1 <=4.1.134.Final)
io.netty:netty-transport-sctp MAVEN version =4.0.0.Beta1, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...
ai.h2o:h2o-algos (=0.1.9), ai.h2o:h2o-app (=0.1.9) +2053 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-kqueue (>=4.1.11.Final <=4.1.134.Final)
io.netty:netty-transport-native-kqueue MAVEN version =4.1.11.Final, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.1.0, =0.0.1, =2.4.0, =1.5.0, =3.0.0, =3.0.0, =3.0.1 and more Source cves: CVE-2026-45536 Source advisory: OSV:GHSA-W573-9FFJ-6FF9...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +9600 more potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcpkix-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =3.10.0.5, =0.5.0, =1.2.4, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2026.06.09.151811-4851e30 and more Source cves: CVE-2026-5588 Source advisory:...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +541 more potentially affected by CVE-2025-67721 via io.airlift:aircompressor (=2.0.2)
io.airlift:aircompressor MAVEN version =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on io.airlift:aircompressor and may be impacted: - ai.catboost:catboost-spark4.02.13 =1.2.10 - ai.catboost:catboost-spark4.12.13 =1.2.10 - ai.h2o:h2o-orc-parser...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4770 more potentially affected by CVE-2025-30749 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30749 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998139ht...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4770 more potentially affected by CVE-2025-50059 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-50059 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998135ht...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4770 more potentially affected by CVE-2025-30754 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30754 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11023285ht...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4768 more potentially affected by CVE-2025-21587 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-21587 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728156htt...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4768 more potentially affected by CVE-2025-30691 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30691 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728205htt...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4768 more potentially affected by CVE-2025-30698 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)
org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30698 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728203htt...
ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), co.cask.hydrator:hive-plugins (>=1.2.0 <=2.1.2) +548 more potentially affected by CVE-2025-3588 via org.jsonschema2pojo:jsonschema2pojo-core (>=0.4.0 <=1.2.2)
org.jsonschema2pojo:jsonschema2pojo-core MAVEN version =0.4.0, =3.10.0.5, =1.2.0, =1.0.1, =1.5.17 and more Source cves: CVE-2025-3588 Source advisory: OSV:GHSA-66RC-VG9F-48M7...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=3.2.0.1 <=3.44.0.3) +34 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=3.2.0.1 <=3.44.0.3)
ai.h2o:h2o-core MAVEN version =3.2.0.1, =3.34.0.1, =3.2.0.1, =3.2.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.1.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.34.0.3, =3.30.0.1, =3.44.0.3 and more Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...
ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +555 more potentially affected by CVE-2024-29869 via org.apache.hive:hive-exec (>=0.8.0 <=4.0.0)
org.apache.hive:hive-exec MAVEN version =0.8.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.86, =0.0.8, =0.0.6, =3.18.0.9, =6.5.0, =1.5.8, =0.2.7, =1.3.3, =1.4.0, =1.0.0, =2.0.0, =3.1.0 and more Source cves: CVE-2024-29869 Source advisory: OSV:GHSA-C476-J253-5RGQ...
orc: Stack-based buffer overflow vulnerability in ORC
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI buil...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.11), com.linkedin.tony:tony-cli (>=0.1.5 <=0.3.3) +3 more potentially affected by CVE-2015-1772 via org.apache.hive:hive-exec (=1.1.0)
org.apache.hive:hive-exec MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - ai.h2o:h2o-orc-parser =3.18.0.9, =0.1.5, =0.1.5, =0.11.0, =0.11.1 Source cves: CVE-2015-1772 Source advisory...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.11), com.linkedin.tony:tony-cli (>=0.1.5 <=0.3.3) +26 more potentially affected by CVE-2015-7521 via org.apache.hive:hive-exec (>=1.1.0 <=1.2.1)
org.apache.hive:hive-exec MAVEN version =1.1.0, =3.18.0.9, =0.1.5, =0.1.5, =6.5.0, =6.5.0, =6.5.0, =6.5.0, =0.14.0, =0.14.0, =0.15.0, =0.15.0, =0.15.1 and more Source cves: CVE-2015-7521 Source advisory: OSV:GHSA-83R3-C79W-F6WC...