{"url":"http://public2.vulnerablecode.io/api/packages/24676?format=json","purl":"pkg:cargo/arrow@6.4.0","type":"cargo","namespace":"","name":"arrow","version":"6.4.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210777?format=json","vulnerability_id":"VCID-2cnp-bc2q-guf1","summary":"`DecimalArray` does not perform bound checks on accessing values and offsets","references":[{"reference_url":"https://github.com/apache/arrow-rs","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs"},{"reference_url":"https://github.com/apache/arrow-rs/issues/775","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs/issues/775"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2021-0117.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2021-0117.html"},{"reference_url":"https://github.com/advisories/GHSA-h588-76vg-prgj","reference_id":"GHSA-h588-76vg-prgj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h588-76vg-prgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/24676?format=json","purl":"pkg:cargo/arrow@6.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:cargo/arrow@6.4.0"}],"aliases":["GHSA-h588-76vg-prgj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cnp-bc2q-guf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210775?format=json","vulnerability_id":"VCID-2n42-ywm4-8kge","summary":"`BinaryArray` does not perform bound checks on reading values and offsets","references":[{"reference_url":"https://github.com/apache/arrow-rs","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs"},{"reference_url":"https://github.com/apache/arrow-rs/blob/6.4.0/CHANGELOG.md#640-2021-12-10","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs/blob/6.4.0/CHANGELOG.md#640-2021-12-10"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2021-0116.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2021-0116.html"},{"reference_url":"https://github.com/advisories/GHSA-r7cj-wmwv-hfw5","reference_id":"GHSA-r7cj-wmwv-hfw5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7cj-wmwv-hfw5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/24676?format=json","purl":"pkg:cargo/arrow@6.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:cargo/arrow@6.4.0"}],"aliases":["GHSA-r7cj-wmwv-hfw5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2n42-ywm4-8kge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210778?format=json","vulnerability_id":"VCID-wate-5ap6-kuhp","summary":"`FixedSizeBinaryArray` does not perform bound checks on accessing values and offsets","references":[{"reference_url":"https://github.com/apache/arrow-rs","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs"},{"reference_url":"https://github.com/apache/arrow-rs/issues/774","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/arrow-rs/issues/774"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2021-0118.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2021-0118.html"},{"reference_url":"https://github.com/advisories/GHSA-qgrp-8f3v-q85p","reference_id":"GHSA-qgrp-8f3v-q85p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qgrp-8f3v-q85p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/24676?format=json","purl":"pkg:cargo/arrow@6.4.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:cargo/arrow@6.4.0"}],"aliases":["GHSA-qgrp-8f3v-q85p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wate-5ap6-kuhp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:cargo/arrow@6.4.0"}