VulnerableCode Package Details - pkg:maven/org.apache.drill/drill-common@1.19.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-mrdq-9pb2-3qb5	Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.	CVE-2020-13956 GHSA-7r82-7xv7-xcpj
VCID-vaar-ytpp-eqc7	Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.	CVE-2021-36090 GHSA-mc84-pj99-q6hh

Vulnerability

Summary

Aliases

VCID-mrdq-9pb2-3qb5

Cross-site scripting in Apache HttpClient Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

CVE-2020-13956
GHSA-7r82-7xv7-xcpj

VCID-vaar-ytpp-eqc7

Uncontrolled Resource Consumption When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.

CVE-2021-36090
GHSA-mc84-pj99-q6hh

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:27:28.295521+00:00	GitLab Importer	Fixing	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.4.0
2026-04-16T21:14:42.336894+00:00	GitLab Importer	Fixing	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.4.0
2026-04-11T22:40:24.809855+00:00	GitLab Importer	Fixing	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.3.0
2026-04-11T22:26:49.381907+00:00	GitLab Importer	Fixing	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.3.0
2026-04-02T22:50:54.761721+00:00	GitLab Importer	Fixing	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.1.0
2026-04-02T22:38:32.925257+00:00	GitLab Importer	Fixing	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.1.0
2026-04-01T16:55:57.989135+00:00	GitLab Importer	Fixing	VCID-mrdq-9pb2-3qb5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2020-13956.yml	38.0.0
2026-04-01T12:48:35.575998+00:00	GitLab Importer	Fixing	VCID-vaar-ytpp-eqc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.drill/drill-common/CVE-2021-36090.yml	38.0.0