Please report (suspected) security vulnerabilities to [email protected]. You will receive a response from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.
We located these vulnerabilites from our security scans. The following list shows the vulnerabilities and the libraries they were found in:
- CVE-2024-9143:
libcrypto3
,libssl3
- CVE-2021-22569:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2021-22570:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2022-3509:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2022-3510:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2024-7254:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2022-3171:
com.google.protobuf:protobuf-java (main-3.46.0.jar)
,com.google.protobuf:protobuf-java (main.jar)
- CVE-2024-23454:
org.apache.hadoop:hadoop-common (main-3.46.0.jar)
,org.apache.hadoop:hadoop-common (main.jar)
- CVE-2024-6763:
org.eclipse.jetty:jetty-http (main-3.46.0.jar)
,org.eclipse.jetty:jetty-http (main.jar)
- CVE-2024-8184:
org.eclipse.jetty:jetty-http (main-3.46.0.jar)
,org.eclipse.jetty:jetty-http (main.jar)
- CVE-2024-9823:
org.eclipse.jetty:jetty-http (main-3.46.0.jar)
,org.eclipse.jetty:jetty-http (main.jar)
- CVE-2024-23454:
org.apache.hadoop:hadoop-common (steam-3.46.0.jar)
,org.apache.hadoop:hadoop-common (steam.jar)
- CVE-2024-6763:
org.eclipse.jetty:jetty-http (steam-3.46.0.jar)
,org.eclipse.jetty:jetty-http (steam.jar)
- CVE-2024-8184:
org.eclipse.jetty:jetty-http (steam-3.46.0.jar)
,org.eclipse.jetty:jetty-http (steam.jar)