Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/36316?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36316?format=api", "vulnerability_id": "VCID-ec58-s3nd-7yaz", "summary": "Deserialization of untrusted data in jackson-databind\nA flaw was found in jackson-databind before 2.9.10.7 and 2.6.7.5. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "aliases": [ { "alias": "CVE-2021-20190" }, { "alias": "GHSA-5949-rw7g-wx7w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/925807?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925795?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cup-9gdn-yyhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049531?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cup-9gdn-yyhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/925793?format=api", "purl": "pkg:deb/debian/jackson-databind@2.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/925796?format=api", "purl": "pkg:deb/debian/jackson-databind@2.14.0%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/42026?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-5r6v-ej7d-ubgv" }, { "vulnerability": "VCID-6zee-aqcc-vfbp" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8jw8-6tev-aqgm" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-ceub-d4s9-dkcd" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-unwq-s63h-uuaw" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-x6g1-qw1v-jbas" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/224800?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-uuju-ey95-tyfq" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.13.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035607?format=api", "purl": "pkg:deb/debian/jackson-databind@2.4.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-2qzn-mkhg-1qh3" }, { "vulnerability": "VCID-2x39-rsxh-rkgw" }, { "vulnerability": "VCID-3qjf-azsa-fbek" }, { "vulnerability": "VCID-3wa1-khqf-x7fv" }, { "vulnerability": "VCID-4an1-3hs5-3yd6" }, { "vulnerability": "VCID-4vx2-s262-ckbp" }, { "vulnerability": "VCID-56sb-829v-6qbz" }, { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-5r6v-ej7d-ubgv" }, { "vulnerability": "VCID-5te6-415m-c7df" }, { "vulnerability": "VCID-6xn4-4gfc-tbgj" }, { "vulnerability": "VCID-6zee-aqcc-vfbp" }, { "vulnerability": "VCID-75mz-c1ds-vqed" }, { "vulnerability": "VCID-7qga-wsz6-kqcn" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8ns6-kacn-dkeg" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-9qdt-7p83-4yd8" }, { "vulnerability": "VCID-9wej-f7zx-pfeq" }, { "vulnerability": "VCID-a5sk-5grx-eyaf" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bc2x-rwrd-tya6" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-ceub-d4s9-dkcd" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-fafy-ugq3-cfbn" }, { "vulnerability": "VCID-g6up-yqg8-nbep" }, { "vulnerability": "VCID-g8gt-d7gz-13e6" }, { "vulnerability": "VCID-gtzx-y5f1-vye3" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-m7jp-7n22-4qg8" }, { "vulnerability": "VCID-pnt3-1ssq-tqau" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-sw29-epz3-g7ep" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tkej-jh51-s7g5" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-uhnv-3cny-qkgx" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-unwq-s63h-uuaw" }, { "vulnerability": "VCID-uygc-h93v-vuh8" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-v84e-sf92-dqa1" }, { "vulnerability": "VCID-w51e-ntqd-8bbg" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-wg36-q48g-mkds" }, { "vulnerability": "VCID-x4fr-ena4-47fe" }, { "vulnerability": "VCID-x6g1-qw1v-jbas" }, { "vulnerability": "VCID-x8c2-2u1w-yyfn" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-ygs8-4gxq-kygq" }, { "vulnerability": "VCID-yp37-9z2d-akaj" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" }, { "vulnerability": "VCID-zdwv-ycey-myfc" }, { "vulnerability": "VCID-ze79-6kcg-nfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035608?format=api", "purl": "pkg:deb/debian/jackson-databind@2.4.2-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-2qzn-mkhg-1qh3" }, { "vulnerability": "VCID-2x39-rsxh-rkgw" }, { "vulnerability": "VCID-3qjf-azsa-fbek" }, { "vulnerability": "VCID-3wa1-khqf-x7fv" }, { "vulnerability": "VCID-4an1-3hs5-3yd6" }, { "vulnerability": "VCID-4vx2-s262-ckbp" }, { "vulnerability": "VCID-56sb-829v-6qbz" }, { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-5r6v-ej7d-ubgv" }, { "vulnerability": "VCID-5te6-415m-c7df" }, { "vulnerability": "VCID-6xn4-4gfc-tbgj" }, { "vulnerability": "VCID-6zee-aqcc-vfbp" }, { "vulnerability": "VCID-75mz-c1ds-vqed" }, { "vulnerability": "VCID-7qga-wsz6-kqcn" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8ns6-kacn-dkeg" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-9qdt-7p83-4yd8" }, { "vulnerability": "VCID-9wej-f7zx-pfeq" }, { "vulnerability": "VCID-a5sk-5grx-eyaf" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bc2x-rwrd-tya6" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-ceub-d4s9-dkcd" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-fafy-ugq3-cfbn" }, { "vulnerability": "VCID-g6up-yqg8-nbep" }, { "vulnerability": "VCID-g8gt-d7gz-13e6" }, { "vulnerability": "VCID-gtzx-y5f1-vye3" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-m7jp-7n22-4qg8" }, { "vulnerability": "VCID-pnt3-1ssq-tqau" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-sw29-epz3-g7ep" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tkej-jh51-s7g5" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-uhnv-3cny-qkgx" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-unwq-s63h-uuaw" }, { "vulnerability": "VCID-uygc-h93v-vuh8" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-v84e-sf92-dqa1" }, { "vulnerability": "VCID-w51e-ntqd-8bbg" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-wg36-q48g-mkds" }, { "vulnerability": "VCID-x4fr-ena4-47fe" }, { "vulnerability": "VCID-x6g1-qw1v-jbas" }, { "vulnerability": "VCID-x8c2-2u1w-yyfn" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-ygs8-4gxq-kygq" }, { "vulnerability": "VCID-yp37-9z2d-akaj" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" }, { "vulnerability": "VCID-zdwv-ycey-myfc" }, { "vulnerability": "VCID-ze79-6kcg-nfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036870?format=api", "purl": "pkg:deb/debian/jackson-databind@2.8.6-1%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-2qzn-mkhg-1qh3" }, { "vulnerability": "VCID-2x39-rsxh-rkgw" }, { "vulnerability": "VCID-3qjf-azsa-fbek" }, { "vulnerability": "VCID-3wa1-khqf-x7fv" }, { "vulnerability": "VCID-4an1-3hs5-3yd6" }, { "vulnerability": "VCID-4vx2-s262-ckbp" }, { "vulnerability": "VCID-56sb-829v-6qbz" }, { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-5r6v-ej7d-ubgv" }, { "vulnerability": "VCID-5te6-415m-c7df" }, { "vulnerability": "VCID-6xn4-4gfc-tbgj" }, { "vulnerability": "VCID-6zee-aqcc-vfbp" }, { "vulnerability": "VCID-75mz-c1ds-vqed" }, { "vulnerability": "VCID-7qga-wsz6-kqcn" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8ns6-kacn-dkeg" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-9qdt-7p83-4yd8" }, { "vulnerability": "VCID-9wej-f7zx-pfeq" }, { "vulnerability": "VCID-a5sk-5grx-eyaf" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bc2x-rwrd-tya6" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-ceub-d4s9-dkcd" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-fafy-ugq3-cfbn" }, { "vulnerability": "VCID-g6up-yqg8-nbep" }, { "vulnerability": "VCID-g8gt-d7gz-13e6" }, { "vulnerability": "VCID-gtzx-y5f1-vye3" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-m7jp-7n22-4qg8" }, { "vulnerability": "VCID-pnt3-1ssq-tqau" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-sw29-epz3-g7ep" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tkej-jh51-s7g5" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-uhnv-3cny-qkgx" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-unwq-s63h-uuaw" }, { "vulnerability": "VCID-uygc-h93v-vuh8" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-v84e-sf92-dqa1" }, { "vulnerability": "VCID-w51e-ntqd-8bbg" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-wg36-q48g-mkds" }, { "vulnerability": "VCID-x4fr-ena4-47fe" }, { "vulnerability": "VCID-x6g1-qw1v-jbas" }, { "vulnerability": "VCID-x8c2-2u1w-yyfn" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-ygs8-4gxq-kygq" }, { "vulnerability": "VCID-yp37-9z2d-akaj" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" }, { "vulnerability": "VCID-zdwv-ycey-myfc" }, { "vulnerability": "VCID-ze79-6kcg-nfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.8.6-1%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037832?format=api", "purl": "pkg:deb/debian/jackson-databind@2.9.8-3%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-2qzn-mkhg-1qh3" }, { "vulnerability": "VCID-3qjf-azsa-fbek" }, { "vulnerability": "VCID-3wa1-khqf-x7fv" }, { "vulnerability": "VCID-4an1-3hs5-3yd6" }, { "vulnerability": "VCID-4vx2-s262-ckbp" }, { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-5te6-415m-c7df" }, { "vulnerability": "VCID-6xn4-4gfc-tbgj" }, { "vulnerability": "VCID-7qga-wsz6-kqcn" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8ns6-kacn-dkeg" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-9qdt-7p83-4yd8" }, { "vulnerability": "VCID-a5sk-5grx-eyaf" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-gtzx-y5f1-vye3" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jvp6-892x-nkc7" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-pnt3-1ssq-tqau" }, { "vulnerability": "VCID-ruae-hqdg-m7ek" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tkej-jh51-s7g5" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-twvp-wxff-zka2" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-uhnv-3cny-qkgx" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-uygc-h93v-vuh8" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-w51e-ntqd-8bbg" }, { "vulnerability": "VCID-wdgx-34uc-2qa4" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-wg36-q48g-mkds" }, { "vulnerability": "VCID-x4fr-ena4-47fe" }, { "vulnerability": "VCID-x8c2-2u1w-yyfn" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-yp37-9z2d-akaj" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" }, { "vulnerability": "VCID-ze79-6kcg-nfcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.9.8-3%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/26374?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16af-yv1z-xufy" }, { "vulnerability": "VCID-2ev8-r6cx-a3an" }, { "vulnerability": "VCID-2x39-rsxh-rkgw" }, { "vulnerability": "VCID-4vx2-s262-ckbp" }, { "vulnerability": "VCID-56sb-829v-6qbz" }, { "vulnerability": "VCID-5qfd-jjh1-d3fx" }, { "vulnerability": "VCID-5r6v-ej7d-ubgv" }, { "vulnerability": "VCID-5te6-415m-c7df" }, { "vulnerability": "VCID-6xn4-4gfc-tbgj" }, { "vulnerability": "VCID-6zee-aqcc-vfbp" }, { "vulnerability": "VCID-75mz-c1ds-vqed" }, { "vulnerability": "VCID-7qga-wsz6-kqcn" }, { "vulnerability": "VCID-8h7y-y4pv-cyd3" }, { "vulnerability": "VCID-8jw8-6tev-aqgm" }, { "vulnerability": "VCID-8ns6-kacn-dkeg" }, { "vulnerability": "VCID-8tmq-zbmb-m7h4" }, { "vulnerability": "VCID-96pq-m4f3-zbad" }, { "vulnerability": "VCID-9h46-72hw-bkcr" }, { "vulnerability": "VCID-9qdt-7p83-4yd8" }, { "vulnerability": "VCID-9wej-f7zx-pfeq" }, { "vulnerability": "VCID-avut-gmwd-jqfp" }, { "vulnerability": "VCID-bydt-bkf4-rbh2" }, { "vulnerability": "VCID-bypv-wfhs-sbe4" }, { "vulnerability": "VCID-ceub-d4s9-dkcd" }, { "vulnerability": "VCID-cytp-mr4h-g3ds" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-fafy-ugq3-cfbn" }, { "vulnerability": "VCID-g6up-yqg8-nbep" }, { "vulnerability": "VCID-g8gt-d7gz-13e6" }, { "vulnerability": "VCID-gtzx-y5f1-vye3" }, { "vulnerability": "VCID-hwnx-vf4v-f3db" }, { "vulnerability": "VCID-jcgb-bewy-4kff" }, { "vulnerability": "VCID-jx9y-fyfm-bqdr" }, { "vulnerability": "VCID-m7jp-7n22-4qg8" }, { "vulnerability": "VCID-svkb-adja-qfef" }, { "vulnerability": "VCID-sw29-epz3-g7ep" }, { "vulnerability": "VCID-swqd-uk56-wkat" }, { "vulnerability": "VCID-tm7y-tnx3-43dq" }, { "vulnerability": "VCID-u87p-2xgz-e3fj" }, { "vulnerability": "VCID-uhnv-3cny-qkgx" }, { "vulnerability": "VCID-ukwd-7rkh-sfhj" }, { "vulnerability": "VCID-unwq-s63h-uuaw" }, { "vulnerability": "VCID-v2pq-1qhm-4qb9" }, { "vulnerability": "VCID-v6ek-y7cn-kycd" }, { "vulnerability": "VCID-v84e-sf92-dqa1" }, { "vulnerability": "VCID-wds4-urpb-euby" }, { "vulnerability": "VCID-x6g1-qw1v-jbas" }, { "vulnerability": "VCID-x8c2-2u1w-yyfn" }, { "vulnerability": "VCID-xnyb-nuwm-pkdr" }, { "vulnerability": "VCID-ygs8-4gxq-kygq" }, { "vulnerability": "VCID-yp37-9z2d-akaj" }, { "vulnerability": "VCID-ypbt-p34k-hfbc" }, { "vulnerability": "VCID-zdwv-ycey-myfc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/34100?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dsr-hras-zudk" }, { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-6mt2-4tn4-5bcb" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/34093?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2dsr-hras-zudk" }, { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-6mt2-4tn4-5bcb" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34094?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/196691?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/196692?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/196693?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-4v3d-ugqf-uyag" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-yrgr-3cv3-b3ff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/78830?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-gqjq-sbf1-x7ew" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/80194?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/215700?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/215701?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/215702?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/143152?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.11.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ema-4jrp-3kfr" }, { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bppj-knks-jybe" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-cg2v-phw4-ake2" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/215703?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/224799?format=api", "purl": "pkg:maven/org.apache.nifi/nifi@1.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3eka-p4cs-f3dz" }, { "vulnerability": "VCID-4uja-72yx-6qdc" }, { "vulnerability": "VCID-bpqd-tx8f-kycf" }, { "vulnerability": "VCID-ec58-s3nd-7yaz" }, { "vulnerability": "VCID-g74u-zmqj-gyb7" }, { "vulnerability": "VCID-hy35-v2p5-2ycq" }, { "vulnerability": "VCID-rn4r-36ab-sfey" }, { "vulnerability": "VCID-rv8f-q4a4-xqbk" }, { "vulnerability": "VCID-xhjy-xmhq-abh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.12.1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20190.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20190.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66052", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66082", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66094", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66075", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66063", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66047", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66018", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20190" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:35:59Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20190", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20190" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2854", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:35:59Z/" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2854" }, { "reference_url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:35:59Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0008" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:35:59Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w", "reference_id": "GHSA-5949-rw7g-wx7w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210219-0008/", "reference_id": "ntap-20210219-0008", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:35:59Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210219-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1230", "reference_id": "RHSA-2021:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1515", "reference_id": "RHSA-2021:1515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1515" } ], "weaknesses": [ { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ec58-s3nd-7yaz" }