Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.kafka/kafka@2.8.0

Type maven

Namespace org.apache.kafka

Name kafka

Version 2.8.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.8.2

Latest_non_vulnerable_version 3.9.1

Affected_by_vulnerabilities

url

VCID-3jvm-ph93-bfch

vulnerability_id

VCID-3jvm-ph93-bfch

summary

Information Exposure Through Discrepancy
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38153.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38153.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38153

reference_id

reference_type

scores

value	0.01058
scoring_system	epss
scoring_elements	0.77562
published_at	2026-04-01T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77623
published_at	2026-04-12T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77639
published_at	2026-04-11T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77612
published_at	2026-04-09T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77605
published_at	2026-04-08T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77577
published_at	2026-04-07T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77596
published_at	2026-04-04T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77569
published_at	2026-04-02T12:55:00Z

value	0.01058
scoring_system	epss
scoring_elements	0.77621
published_at	2026-04-13T12:55:00Z

value	0.01188
scoring_system	epss
scoring_elements	0.78836
published_at	2026-04-18T12:55:00Z

value	0.01188
scoring_system	epss
scoring_elements	0.78839
published_at	2026-04-16T12:55:00Z

value	0.01188
scoring_system	epss
scoring_elements	0.78834
published_at	2026-04-21T12:55:00Z

value	0.01188
scoring_system	epss
scoring_elements	0.78862
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38153

reference_url

https://github.com/apache/kafka

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://kafka.apache.org/cve-list

reference_url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26390c8b09ecfa356582d665b0c01f4cdcf16ac047c85f9f9f06a88c@%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r35322aec467ddae34002690edaa4d9f16e7df9b5bf7164869b75b62c@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r35322aec467ddae34002690edaa4d9f16e7df9b5bf7164869b75b62c@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r45cc0602d5f2cbb72e48896dfadf5e5b87ed85630449598b40e8f0be@%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd9ef217b09fdefaf32a4e1835b59b96629542db57e1f63edb8b006e6@%3Cusers.kafka.apache.org%3E

reference_url

https://support.confluent.io/hc/en-us/articles/4407632156692-CVE-2021-38153-Confluent-Platform-Vulnerability-Timing-attacks

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://support.confluent.io/hc/en-us/articles/4407632156692-CVE-2021-38153-Confluent-Platform-Vulnerability-Timing-attacks

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2009041
reference_id	2009041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2009041

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-38153

reference_id

CVE-2021-38153

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-38153

reference_url

https://github.com/advisories/GHSA-3j6g-hxx5-3q26

reference_id

GHSA-3j6g-hxx5-3q26

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3j6g-hxx5-3q26

reference_url	https://access.redhat.com/errata/RHSA-2022:0138
reference_id	RHSA-2022:0138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0138

reference_url	https://access.redhat.com/errata/RHSA-2022:0219
reference_id	RHSA-2022:0219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0219

reference_url	https://access.redhat.com/errata/RHSA-2022:0501
reference_id	RHSA-2022:0501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0501

reference_url	https://access.redhat.com/errata/RHSA-2022:0589
reference_id	RHSA-2022:0589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0589

reference_url	https://access.redhat.com/errata/RHSA-2022:0737
reference_id	RHSA-2022:0737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0737

reference_url	https://access.redhat.com/errata/RHSA-2022:2232
reference_id	RHSA-2022:2232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2232

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5606
reference_id	RHSA-2022:5606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5606

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

fixed_packages

aliases

CVE-2021-38153, GHSA-3j6g-hxx5-3q26

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3jvm-ph93-bfch

url VCID-fcsz-ec5x-3kgc

vulnerability_id VCID-fcsz-ec5x-3kgc

summary

Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service. Example scenarios: - Kafka cluster without authentication: Any clients able to establish a network connection to a broker can trigger the issue. - Kafka cluster with SASL authentication: Any clients able to establish a network connection to a broker, without the need for valid SASL credentials, can trigger the issue. - Kafka cluster with TLS authentication: Only clients able to successfully authenticate via TLS can trigger the issue. We advise the users to upgrade the Kafka installations to one of the 3.2.3, 3.1.2, 3.0.2, 2.8.2 versions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34917.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34917.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34917

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.2191
published_at	2026-04-24T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22051
published_at	2026-04-21T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22204
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22097
published_at	2026-04-18T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22104
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22217
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22164
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22265
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22048
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22129
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22183
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34917

reference_url

https://github.com/apache/kafka/commit/14951a83e3fdead212156e5532359500d72f68bc

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka/commit/14951a83e3fdead212156e5532359500d72f68bc

reference_url

https://github.com/apache/kafka/commit/2bfa24b2bd416e7b8c4a0c566b984c43904fdecb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka/commit/2bfa24b2bd416e7b8c4a0c566b984c43904fdecb

reference_url

https://github.com/apache/kafka/commit/aaceb6b79bfcb1d32874ccdbc8f3138d1c1c00fb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka/commit/aaceb6b79bfcb1d32874ccdbc8f3138d1c1c00fb

reference_url

https://github.com/apache/kafka/commit/c1295662768e64b4467e27c3d5158f95f2307657

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka/commit/c1295662768e64b4467e27c3d5158f95f2307657

reference_url

https://issues.apache.org/jira/browse/KAFKA-14063

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/KAFKA-14063

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:38:30Z/

url

https://kafka.apache.org/cve-list

reference_url

https://kafka.apache.org/cve-list#CVE-2022-34917

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://kafka.apache.org/cve-list#CVE-2022-34917

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-34917

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-34917

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2130018
reference_id	2130018
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2130018

reference_url

https://github.com/advisories/GHSA-c9h3-c6qj-hh7q

reference_id

GHSA-c9h3-c6qj-hh7q

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c9h3-c6qj-hh7q

reference_url	https://access.redhat.com/errata/RHSA-2022:6819
reference_id	RHSA-2022:6819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6819

fixed_packages

url	pkg:maven/org.apache.kafka/kafka@2.8.2
purl	pkg:maven/org.apache.kafka/kafka@2.8.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@2.8.2

url	pkg:maven/org.apache.kafka/kafka@3.0.2
purl	pkg:maven/org.apache.kafka/kafka@3.0.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.0.2

url	pkg:maven/org.apache.kafka/kafka@3.1.2
purl	pkg:maven/org.apache.kafka/kafka@3.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.1.2

url	pkg:maven/org.apache.kafka/kafka@3.2.3
purl	pkg:maven/org.apache.kafka/kafka@3.2.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@3.2.3

aliases CVE-2022-34917, GHSA-c9h3-c6qj-hh7q

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcsz-ec5x-3kgc

url

VCID-m3g5-ua28-afd2

vulnerability_id

VCID-m3g5-ua28-afd2

summary

Origin Validation Error in Apache Maven
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26291.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26291.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-26291

reference_id

reference_type

scores

value	0.46101
scoring_system	epss
scoring_elements	0.97648
published_at	2026-04-24T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97649
published_at	2026-04-21T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97646
published_at	2026-04-16T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97639
published_at	2026-04-13T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97617
published_at	2026-04-01T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97623
published_at	2026-04-02T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97626
published_at	2026-04-07T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97625
published_at	2026-04-04T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97638
published_at	2026-04-12T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97635
published_at	2026-04-11T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97633
published_at	2026-04-09T12:55:00Z

value	0.46101
scoring_system	epss
scoring_elements	0.97631
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-26291

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26291
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26291

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/maven

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/maven

reference_url

https://github.com/apache/maven/commit/899465aeec03753ea91e15a79579eab76369c016

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/maven/commit/899465aeec03753ea91e15a79579eab76369c016

reference_url

https://github.com/apache/maven/commit/fa79cb22e456cc65522b5bab8c4240fe08c5775f

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/maven/commit/fa79cb22e456cc65522b5bab8c4240fe08c5775f

reference_url

https://issues.apache.org/jira/browse/MNG-7116

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/MNG-7116

reference_url

https://issues.apache.org/jira/browse/MNG-7117

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/MNG-7117

reference_url

https://lists.apache.org/thread.html/r0556ce5db7231025785477739ee416b169d8aff5ee9bac7854d64736@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0556ce5db7231025785477739ee416b169d8aff5ee9bac7854d64736@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r06db4057b74e0598a412734f693a34a8836ac6f06d16d139e5e1027c@%3Cdev.maven.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r06db4057b74e0598a412734f693a34a8836ac6f06d16d139e5e1027c@%3Cdev.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r07a89b32783f73bda6903c1f9aadeb859e5bef0a4daed6d87db8e4a9@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r07a89b32783f73bda6903c1f9aadeb859e5bef0a4daed6d87db8e4a9@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r08a401f8c98a99f68d061fde6e6659d695f28d60fe4f0413bcb355b0@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r08a401f8c98a99f68d061fde6e6659d695f28d60fe4f0413bcb355b0@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r0a5e4ff2a7ca7ad8595d7683afbaeb3b8788ba974681907f97e7dc8e@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0a5e4ff2a7ca7ad8595d7683afbaeb3b8788ba974681907f97e7dc8e@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r0d083314aa3934dd4b6e6970d1f6ee50f6eaa9d867deb2cd96788478@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0d083314aa3934dd4b6e6970d1f6ee50f6eaa9d867deb2cd96788478@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r30e9fcba679d164158cc26236704c351954909c18cb2485d11038aa6@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r30e9fcba679d164158cc26236704c351954909c18cb2485d11038aa6@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r340e75c9bb6e8661b89e1cf2c52f4638a18312e57bd884722bc28f52@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r340e75c9bb6e8661b89e1cf2c52f4638a18312e57bd884722bc28f52@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r39fa6ec4b7e912d3e04ea68efd23e554ec9c8efa2c96f5b45104fc61@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r39fa6ec4b7e912d3e04ea68efd23e554ec9c8efa2c96f5b45104fc61@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3f0450dcab7e63b5f233ccfbc6fca5f1867a75c8aa2493ea82732381@%3Cdev.jena.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3f0450dcab7e63b5f233ccfbc6fca5f1867a75c8aa2493ea82732381@%3Cdev.jena.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r52c6cda14dc6315dc79e72d30109f4589e9c6300ef6dc1a019da32d4@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r52c6cda14dc6315dc79e72d30109f4589e9c6300ef6dc1a019da32d4@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r53cd5de57aaa126038c5301d8f518f3defab3c5b1c7e17c97bad08d8@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r53cd5de57aaa126038c5301d8f518f3defab3c5b1c7e17c97bad08d8@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5ae6aaa8a2ce86145225c3516bb45d315c0454e3765d651527e5df8a@%3Ccommits.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5ae6aaa8a2ce86145225c3516bb45d315c0454e3765d651527e5df8a@%3Ccommits.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r71bc13669be84c2ff45b74a67929bc2da905c152e12a39b406e3c2a0@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r71bc13669be84c2ff45b74a67929bc2da905c152e12a39b406e3c2a0@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r74329c671df713f61ae4620ee2452a0443ccad7f33c60e8ed7d21ff9@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r74329c671df713f61ae4620ee2452a0443ccad7f33c60e8ed7d21ff9@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r78fb6d2cf0ca332cfa43abd4471e75fa6c517ed9cdfcb950bff48d40@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r78fb6d2cf0ca332cfa43abd4471e75fa6c517ed9cdfcb950bff48d40@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002@%3Ccommits.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002@%3Ccommits.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r86e1c81e03f441855f127980e9b3d41939d04a7caea2b7ab718e2288@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r86e1c81e03f441855f127980e9b3d41939d04a7caea2b7ab718e2288@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r96cc126d3ee9aa42af9d3bb4baa94828b0a5f656584a50dcc594125f@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r96cc126d3ee9aa42af9d3bb4baa94828b0a5f656584a50dcc594125f@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00@%3Cusers.maven.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00@%3Cusers.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00%40%3Cusers.maven.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00%40%3Cusers.maven.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra88a0eba7f84658cefcecc0143fd8bbad52c229ee5dfcbfdde7b6457@%3Cdev.jena.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra88a0eba7f84658cefcecc0143fd8bbad52c229ee5dfcbfdde7b6457@%3Cdev.jena.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra9d984eccfd2ae7726671e025f0296bf03786e5cdf872138110ac29b@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra9d984eccfd2ae7726671e025f0296bf03786e5cdf872138110ac29b@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc7ae2530063d1cd1cf8e9fa130d10940760f927168d4063d23b8cd0a@%3Ccommits.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc7ae2530063d1cd1cf8e9fa130d10940760f927168d4063d23b8cd0a@%3Ccommits.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re75f8b3dbc5faa1640908f87e644d373e00f8b4e6ba3e2ba4bd2c80b@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re75f8b3dbc5faa1640908f87e644d373e00f8b4e6ba3e2ba4bd2c80b@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/red3bf6cbfd99e36b0c0a4fa1cea1eef1eb300c6bd8f372f497341265@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/red3bf6cbfd99e36b0c0a4fa1cea1eef1eb300c6bd8f372f497341265@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E

reference_url

https://maven.apache.org/docs/3.8.1/release-notes.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://maven.apache.org/docs/3.8.1/release-notes.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-26291

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-26291

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291

reference_url	https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/
reference_id
reference_type
scores
url	https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/

reference_url

http://www.openwall.com/lists/oss-security/2021/04/23/5

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2021/04/23/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1955739
reference_id	1955739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1955739

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988155
reference_id	988155
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988155

reference_url

https://security.archlinux.org/AVG-1863

reference_id

AVG-1863

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1863

reference_url

https://github.com/advisories/GHSA-2f88-5hg8-9x2x

reference_id

GHSA-2f88-5hg8-9x2x

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2f88-5hg8-9x2x

reference_url	https://access.redhat.com/errata/RHSA-2021:3880
reference_id	RHSA-2021:3880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3880

reference_url	https://access.redhat.com/errata/RHSA-2022:1013
reference_id	RHSA-2022:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1013

reference_url	https://access.redhat.com/errata/RHSA-2022:1029
reference_id	RHSA-2022:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1029

reference_url	https://access.redhat.com/errata/RHSA-2023:1334
reference_id	RHSA-2023:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1334

reference_url	https://access.redhat.com/errata/RHSA-2023:3198
reference_id	RHSA-2023:3198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3198

reference_url	https://access.redhat.com/errata/RHSA-2024:0776
reference_id	RHSA-2024:0776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0776

reference_url	https://access.redhat.com/errata/RHSA-2024:0778
reference_id	RHSA-2024:0778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0778

reference_url	https://usn.ubuntu.com/5805-1/
reference_id	USN-5805-1
reference_type
scores
url	https://usn.ubuntu.com/5805-1/

reference_url	https://usn.ubuntu.com/USN-5245-1/
reference_id	USN-USN-5245-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5245-1/

fixed_packages

aliases

CVE-2021-26291, GHSA-2f88-5hg8-9x2x

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-m3g5-ua28-afd2

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka@2.8.0

Package Instance