VulnerableCode Package Details - pkg:maven/org.apache.mesos/mesos@1.7.1-rc1

Search for packages

Vulnerability	Summary	Fixed by
VCID-32mt-mbwm-bbca Aliases: CVE-2019-0204 GHSA-32w9-2qpc-5f9v	Improper Input Validation A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos. A malicious actor can therefore gain root-level code execution on the host.	1.7.2 Affected by 0 other vulnerabilities. 1.8.1 Affected by 0 other vulnerabilities.
VCID-t39q-ds43-9kee Aliases: CVE-2018-11793 GHSA-p2xq-vcm7-xjj6	Improper Restriction of Operations within the Bounds of a Memory Buffer When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos might overflow the stack due to unbounded recursion.	1.7.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.8.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-32mt-mbwm-bbca
Aliases:
CVE-2019-0204
GHSA-32w9-2qpc-5f9v

Improper Input Validation A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos. A malicious actor can therefore gain root-level code execution on the host.

1.7.2
Affected by 0 other vulnerabilities.

1.8.1
Affected by 0 other vulnerabilities.

VCID-t39q-ds43-9kee
Aliases:
CVE-2018-11793
GHSA-p2xq-vcm7-xjj6

Improper Restriction of Operations within the Bounds of a Memory Buffer When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos might overflow the stack due to unbounded recursion.

1.7.1
Affected by 1 other vulnerability.

1.8.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-7juj-78y7-g7b6	Containment Errors (Container Errors) runc allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to `/proc/self/exe`.	CVE-2019-5736
VCID-t39q-ds43-9kee	Improper Restriction of Operations within the Bounds of a Memory Buffer When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos might overflow the stack due to unbounded recursion.	CVE-2018-11793 GHSA-p2xq-vcm7-xjj6

Vulnerability

Summary

Aliases

VCID-7juj-78y7-g7b6

Containment Errors (Container Errors) runc allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to `/proc/self/exe`.

CVE-2019-5736

VCID-t39q-ds43-9kee

CVE-2018-11793
GHSA-p2xq-vcm7-xjj6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:53:01.045604+00:00	GitLab Importer	Affected by	VCID-32mt-mbwm-bbca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-0204.yml	38.4.0
2026-04-16T20:52:39.048649+00:00	GitLab Importer	Affected by	VCID-t39q-ds43-9kee	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2018-11793.yml	38.4.0
2026-04-16T20:51:41.962216+00:00	GitLab Importer	Fixing	VCID-7juj-78y7-g7b6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-5736.yml	38.4.0
2026-04-16T01:28:03.177281+00:00	GHSA Importer	Fixing	VCID-t39q-ds43-9kee	https://github.com/advisories/GHSA-p2xq-vcm7-xjj6	38.4.0
2026-04-11T22:03:50.900196+00:00	GitLab Importer	Affected by	VCID-32mt-mbwm-bbca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-0204.yml	38.3.0
2026-04-11T22:03:27.589165+00:00	GitLab Importer	Affected by	VCID-t39q-ds43-9kee	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2018-11793.yml	38.3.0
2026-04-11T22:02:27.704031+00:00	GitLab Importer	Fixing	VCID-7juj-78y7-g7b6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-5736.yml	38.3.0
2026-04-11T12:57:20.885125+00:00	GHSA Importer	Fixing	VCID-t39q-ds43-9kee	https://github.com/advisories/GHSA-p2xq-vcm7-xjj6	38.3.0
2026-04-02T22:16:50.772742+00:00	GitLab Importer	Affected by	VCID-32mt-mbwm-bbca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-0204.yml	38.1.0
2026-04-02T22:16:29.044946+00:00	GitLab Importer	Affected by	VCID-t39q-ds43-9kee	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2018-11793.yml	38.1.0
2026-04-02T22:15:31.933980+00:00	GitLab Importer	Fixing	VCID-7juj-78y7-g7b6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-5736.yml	38.1.0
2026-04-02T13:49:43.736463+00:00	GHSA Importer	Fixing	VCID-t39q-ds43-9kee	https://github.com/advisories/GHSA-p2xq-vcm7-xjj6	38.1.0
2026-04-01T16:34:28.109953+00:00	GitLab Importer	Affected by	VCID-32mt-mbwm-bbca	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-0204.yml	38.0.0
2026-04-01T16:34:04.841749+00:00	GitLab Importer	Affected by	VCID-t39q-ds43-9kee	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2018-11793.yml	38.0.0
2026-04-01T16:33:00.292305+00:00	GitLab Importer	Fixing	VCID-7juj-78y7-g7b6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.mesos/mesos/CVE-2019-5736.yml	38.0.0