VulnerableCode Package Details - pkg:maven/org.apache.drill/drill-common@1.13.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-mrdq-9pb2-3qb5 Aliases: CVE-2020-13956 GHSA-7r82-7xv7-xcpj	Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.	1.19.0 Affected by 0 other vulnerabilities.
VCID-vaar-ytpp-eqc7 Aliases: CVE-2021-36090 GHSA-mc84-pj99-q6hh	Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.	1.19.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mrdq-9pb2-3qb5
Aliases:
CVE-2020-13956
GHSA-7r82-7xv7-xcpj

Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

1.19.0
Affected by 0 other vulnerabilities.

VCID-vaar-ytpp-eqc7
Aliases:
CVE-2021-36090
GHSA-mc84-pj99-q6hh

Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.

1.19.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:27:28.276805+00:00	GitLab Importer	Affected by	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.4.0
2026-04-16T21:14:42.305392+00:00	GitLab Importer	Affected by	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.4.0
2026-04-11T22:40:24.785718+00:00	GitLab Importer	Affected by	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.3.0
2026-04-11T22:26:49.360116+00:00	GitLab Importer	Affected by	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.3.0
2026-04-02T22:50:54.742044+00:00	GitLab Importer	Affected by	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.1.0
2026-04-02T22:38:32.906401+00:00	GitLab Importer	Affected by	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.1.0
2026-04-01T17:08:55.084173+00:00	GitLab Importer	Affected by	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.0.0
2026-04-01T16:55:57.960211+00:00	GitLab Importer	Affected by	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.0.0