grok_connect:2.7.0 — vulnerability report

0 critical · 43 high · 72 medium · 21 low · 136 total (deduped by CVE)

Image datagrok/grok_connect:2.7.0 · digest sha256:8524e2a10b1e7ba7acd58c7a194b70b04d82f7163324af00cd93edfae16f7366

VulnerabilitySeverityPackage InstalledFixed inCVSSDescription
CVE-2021-22569HIGHcom.google.protobuf:protobuf-java3.7.13.16.15.5CVE-2021-22569
CVE-2021-33036HIGHorg.apache.hadoop:hadoop-yarn-server-common3.3.13.3.28.8CVE-2021-33036
CVE-2021-35515HIGHorg.apache.commons:commons-compress1.201.217.5CVE-2021-35515
CVE-2021-35516HIGHorg.apache.commons:commons-compress1.201.217.5CVE-2021-35516
CVE-2021-35517HIGHorg.apache.commons:commons-compress1.201.217.5CVE-2021-35517
CVE-2021-36090HIGHorg.apache.commons:commons-compress1.201.217.5CVE-2021-36090
CVE-2021-39239HIGHorg.apache.jena:jena-core3.17.04.2.07.5CVE-2021-39239
CVE-2022-3509HIGHcom.google.protobuf:protobuf-java3.7.13.16.37.5CVE-2022-3509
CVE-2022-3510HIGHcom.google.protobuf:protobuf-java3.7.13.16.37.5CVE-2022-3510
CVE-2023-1370HIGHnet.minidev:json-smart2.4.72.4.97.5CVE-2023-1370
CVE-2023-34610HIGHcom.cedarsoftware:json-io2.5.14.14.17.5CVE-2023-34610
CVE-2024-21634HIGHsoftware.amazon.ion:ion-java1.0.27.5CVE-2024-21634
CVE-2024-47554HIGHcommons-io:commons-io2.11.02.14.04.3CVE-2024-47554
CVE-2024-7254HIGHcom.google.protobuf:protobuf-java3.21.93.25.57.5CVE-2024-7254
CVE-2024-7254HIGHcom.google.protobuf:protobuf-java3.7.13.25.57.5CVE-2024-7254
CVE-2025-24970HIGHio.netty:netty-handler4.1.94.Final4.1.118.Final7.5CVE-2025-24970
CVE-2025-48734HIGHcommons-beanutils:commons-beanutils1.9.41.11.08.8CVE-2025-48734
CVE-2025-52999HIGHcom.fasterxml.jackson.core:jackson-core2.13.42.15.0CVE-2025-52999
CVE-2025-52999HIGHcom.fasterxml.jackson.core:jackson-core2.14.02.15.0CVE-2025-52999
CVE-2025-52999HIGHcom.fasterxml.jackson.core:jackson-core2.14.12.15.0CVE-2025-52999
CVE-2025-55163HIGHio.netty:netty-codec-http24.1.101.Final4.1.124.Final7.5CVE-2025-55163
CVE-2025-59419HIGHio.netty:netty-codec-smtp4.1.101.Final4.1.128.FinalCVE-2025-59419
CVE-2025-67030HIGHorg.codehaus.plexus:plexus-utils3.5.13.6.18.8CVE-2025-67030
CVE-2026-2332HIGHorg.eclipse.jetty:jetty-http9.4.57.v202412199.1CVE-2026-2332
CVE-2026-33870HIGHio.netty:netty-codec-http4.1.101.Final4.1.132.Final7.5CVE-2026-33870
CVE-2026-33871HIGHio.netty:netty-codec-http24.1.101.Final4.1.132.Final7.5CVE-2026-33871
CVE-2026-42579HIGHio.netty:netty-codec-dns4.1.101.Final4.1.133.Final9.1CVE-2026-42579
CVE-2026-42583HIGHio.netty:netty-codec4.1.94.Final4.1.133.Final7.5CVE-2026-42583
CVE-2026-42584HIGHio.netty:netty-codec-http4.1.101.Final4.1.133.Final9.1CVE-2026-42584
CVE-2026-42587HIGHio.netty:netty-codec-http4.1.101.Final4.1.133.Final7.5CVE-2026-42587
CVE-2026-42587HIGHio.netty:netty-codec-http24.1.101.Final4.1.133.Final7.5CVE-2026-42587
CVE-2026-44249HIGHio.netty:netty-handler4.1.94.Final4.1.135.Final8.1CVE-2026-44249
CVE-2026-44250HIGHio.netty:netty-codec-redis4.1.101.Final4.1.135.Final7.5CVE-2026-44250
CVE-2026-44890HIGHio.netty:netty-codec-redis4.1.101.Final4.1.135.Final7.5CVE-2026-44890
CVE-2026-44893HIGHio.netty:netty-codec-haproxy4.1.101.Final4.1.135.Final7.5CVE-2026-44893
CVE-2026-45416HIGHio.netty:netty-handler4.1.94.Final4.1.135.Final7.5CVE-2026-45416
CVE-2026-45674HIGHio.netty:netty-resolver-dns4.1.101.Final4.1.135.Final10CVE-2026-45674
CVE-2026-46340HIGHio.netty:netty-transport-sctp4.1.101.Final4.1.135.Final7.5CVE-2026-46340
CVE-2026-47691HIGHio.netty:netty-resolver-dns4.1.101.Final4.1.135.Final10CVE-2026-47691
CVE-2026-48006HIGHio.netty:netty-codec-redis4.1.101.Final4.1.135.Final7.5CVE-2026-48006
CVE-2026-48059HIGHio.netty:netty-codec-haproxy4.1.101.Final4.1.135.Final7.5CVE-2026-48059
CVE-2026-50010HIGHio.netty:netty-handler4.1.94.Final4.1.135.Final7.5CVE-2026-50010
CVE-2026-50011HIGHio.netty:netty-codec-redis4.1.101.Final4.1.135.Final7.5CVE-2026-50011
CVE-2026-54512HIGHcom.fasterxml.jackson.core:jackson-databind2.13.4.22.18.88.1CVE-2026-54512
CVE-2026-54512HIGHcom.fasterxml.jackson.core:jackson-databind2.14.02.18.88.1CVE-2026-54512
CVE-2026-54512HIGHcom.fasterxml.jackson.core:jackson-databind2.14.12.18.88.1CVE-2026-54512
CVE-2026-54512HIGHcom.fasterxml.jackson.core:jackson-databind2.14.32.18.88.1CVE-2026-54512
CVE-2026-54512HIGHcom.fasterxml.jackson.core:jackson-databind2.16.02.18.88.1CVE-2026-54512
CVE-2026-54513HIGHcom.fasterxml.jackson.core:jackson-databind2.13.4.22.18.88.1CVE-2026-54513
CVE-2026-54513HIGHcom.fasterxml.jackson.core:jackson-databind2.14.02.18.88.1CVE-2026-54513
CVE-2026-54513HIGHcom.fasterxml.jackson.core:jackson-databind2.14.12.18.88.1CVE-2026-54513
CVE-2026-54513HIGHcom.fasterxml.jackson.core:jackson-databind2.14.32.18.88.1CVE-2026-54513
CVE-2026-54513HIGHcom.fasterxml.jackson.core:jackson-databind2.16.02.18.88.1CVE-2026-54513
GHSA-2r2c-cx56-8933HIGHorg.jline:jline-remote-telnet3.9.04.2.1GHSA-2r2c-cx56-8933
GHSA-47qp-hqvx-6r3fHIGHorg.jline:jline-remote-telnet3.9.04.2.1GHSA-47qp-hqvx-6r3f
CVE-2021-31879MEDIUMwget1.21.2-2ubuntu1.16.1CVE-2021-31879
CVE-2022-3171MEDIUMcom.google.protobuf:protobuf-java3.7.13.16.37.5CVE-2022-3171
CVE-2023-2976MEDIUMcom.google.guava:guava31.1-jre32.0.0-android7.1CVE-2023-2976
CVE-2023-44483MEDIUMorg.apache.santuario:xmlsec2.3.02.3.46.5CVE-2023-44483
CVE-2024-12798MEDIUMch.qos.logback:logback-core1.2.131.3.15CVE-2024-12798
CVE-2024-23944MEDIUMorg.apache.zookeeper:zookeeper3.7.25.3CVE-2024-23944
CVE-2024-25710MEDIUMorg.apache.commons:commons-compress1.201.26.05.5CVE-2024-25710
CVE-2024-29025MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.108.Final5.3CVE-2024-29025
CVE-2024-29131MEDIUMorg.apache.commons:commons-configuration22.8.02.10.17.3CVE-2024-29131
CVE-2024-29131MEDIUMorg.apache.commons:commons-configuration22.9.02.10.17.3CVE-2024-29131
CVE-2024-29133MEDIUMorg.apache.commons:commons-configuration22.8.02.10.15.4CVE-2024-29133
CVE-2024-29133MEDIUMorg.apache.commons:commons-configuration22.9.02.10.15.4CVE-2024-29133
CVE-2024-47535MEDIUMio.netty:netty-common4.1.86.Final4.1.115.Final5.5CVE-2024-47535
CVE-2024-47535MEDIUMio.netty:netty-common4.1.94.Final4.1.115.Final5.5CVE-2024-47535
CVE-2024-6763MEDIUMorg.eclipse.jetty:jetty-http9.4.57.v2024121912.0.125.3CVE-2024-6763
CVE-2025-11226MEDIUMch.qos.logback:logback-core1.2.131.3.16CVE-2025-11226
CVE-2025-15649MEDIUMperl5.34.0-3ubuntu1.75.5CVE-2025-15649
CVE-2025-25193MEDIUMio.netty:netty-common4.1.86.Final4.1.118.Final5.5CVE-2025-25193
CVE-2025-25193MEDIUMio.netty:netty-common4.1.94.Final4.1.118.Final5.5CVE-2025-25193
CVE-2025-45582MEDIUMtar1.34+dfsg-1ubuntu0.1.22.04.31.34+dfsg-1ubuntu0.1.22.04.4CVE-2025-45582
CVE-2025-48924MEDIUMcommons-lang:commons-lang2.45.3CVE-2025-48924
CVE-2025-48924MEDIUMcommons-lang:commons-lang2.65.3CVE-2025-48924
CVE-2025-48924MEDIUMorg.apache.commons:commons-lang33.103.18.05.3CVE-2025-48924
CVE-2025-48924MEDIUMorg.apache.commons:commons-lang33.12.03.18.05.3CVE-2025-48924
CVE-2025-53864MEDIUMcom.nimbusds:nimbus-jose-jwt9.37.29.37.4CVE-2025-53864
CVE-2025-58057MEDIUMio.netty:netty-codec4.1.94.Final4.1.125.Final7.5CVE-2025-58057
CVE-2025-67735MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.129.Final6.5CVE-2025-67735
CVE-2025-68161MEDIUMorg.apache.logging.log4j:log4j-core2.17.12.25.34.8CVE-2025-68161
CVE-2025-68161MEDIUMorg.apache.logging.log4j:log4j-core2.20.02.25.34.8CVE-2025-68161
CVE-2026-11850MEDIUMkrb51.19.2-2ubuntu0.75CVE-2026-11850
CVE-2026-12087MEDIUMperl5.34.0-3ubuntu1.79.1CVE-2026-12087
CVE-2026-13595MEDIUMutil-linux2.37.2-4ubuntu3.55.3CVE-2026-13595
CVE-2026-13757MEDIUMp11-kit0.24.0-6build16.2CVE-2026-13757
CVE-2026-27456MEDIUMutil-linux2.37.2-4ubuntu3.54.7CVE-2026-27456
CVE-2026-34477MEDIUMorg.apache.logging.log4j:log4j-core2.17.12.25.45.9CVE-2026-34477
CVE-2026-34477MEDIUMorg.apache.logging.log4j:log4j-core2.20.02.25.45.9CVE-2026-34477
CVE-2026-34480MEDIUMorg.apache.logging.log4j:log4j-core2.17.12.25.47.5CVE-2026-34480
CVE-2026-34480MEDIUMorg.apache.logging.log4j:log4j-core2.20.02.25.47.5CVE-2026-34480
CVE-2026-40355MEDIUMkrb51.19.2-2ubuntu0.77.5CVE-2026-40355
CVE-2026-40356MEDIUMkrb51.19.2-2ubuntu0.77.5CVE-2026-40356
CVE-2026-4046MEDIUMglibc2.35-0ubuntu3.137.5CVE-2026-4046
CVE-2026-41417MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.133.Final5.3CVE-2026-41417
CVE-2026-41991MEDIUMgzip1.10-4ubuntu4.11.10-4ubuntu4.24.7CVE-2026-41991
CVE-2026-41992MEDIUMgzip1.10-4ubuntu4.11.10-4ubuntu4.27.5CVE-2026-41992
CVE-2026-42497MEDIUMperl5.34.0-3ubuntu1.77.5CVE-2026-42497
CVE-2026-42580MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.133.Final6.5CVE-2026-42580
CVE-2026-42581MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.133.Final9.8CVE-2026-42581
CVE-2026-42585MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.133.Final7.5CVE-2026-42585
CVE-2026-42586MEDIUMio.netty:netty-codec-redis4.1.101.Final4.1.133.Final7.1CVE-2026-42586
CVE-2026-44248MEDIUMio.netty:netty-codec-mqtt4.1.101.Final4.1.133.Final7.5CVE-2026-44248
CVE-2026-45205MEDIUMorg.apache.commons:commons-configuration22.8.02.15.05.3CVE-2026-45205
CVE-2026-45205MEDIUMorg.apache.commons:commons-configuration22.9.02.15.05.3CVE-2026-45205
CVE-2026-45536MEDIUMio.netty:netty-transport-native-epoll4.1.100.Final4.1.135.Final4CVE-2026-45536
CVE-2026-45536MEDIUMio.netty:netty-transport-native-epoll4.1.101.Final4.1.135.Final4CVE-2026-45536
CVE-2026-45536MEDIUMio.netty:netty-transport-native-kqueue4.1.101.Final4.1.135.Final4CVE-2026-45536
CVE-2026-45673MEDIUMio.netty:netty-resolver-dns4.1.101.Final4.1.135.Final6.8CVE-2026-45673
CVE-2026-47244MEDIUMio.netty:netty-codec-http24.1.101.Final4.1.135.Final5.3CVE-2026-47244
CVE-2026-48043MEDIUMio.netty:netty-codec-http24.1.101.Final4.1.135.Final7.5CVE-2026-48043
CVE-2026-48959MEDIUMperl5.34.0-3ubuntu1.77.5CVE-2026-48959
CVE-2026-48961MEDIUMperl5.34.0-3ubuntu1.77.3CVE-2026-48961
CVE-2026-48962MEDIUMperl5.34.0-3ubuntu1.77.3CVE-2026-48962
CVE-2026-50020MEDIUMio.netty:netty-codec-http4.1.101.Final4.1.135.Final5.3CVE-2026-50020
CVE-2026-50193MEDIUMcom.fasterxml.jackson.core:jackson-databind2.13.4.22.14.07.5CVE-2026-50193
CVE-2026-50560MEDIUMio.netty:netty-codec-http24.1.101.Final4.1.135.Final5.3CVE-2026-50560
CVE-2026-53612MEDIUMutil-linux2.37.2-4ubuntu3.5CVE-2026-53612
CVE-2026-53613MEDIUMutil-linux2.37.2-4ubuntu3.5CVE-2026-53613
CVE-2026-53614MEDIUMutil-linux2.37.2-4ubuntu3.5CVE-2026-53614
CVE-2026-53615MEDIUMutil-linux2.37.2-4ubuntu3.5CVE-2026-53615
CVE-2026-5435MEDIUMglibc2.35-0ubuntu3.137.3CVE-2026-5435
CVE-2026-54369MEDIUMacl2.3.1-17.1CVE-2026-54369
CVE-2026-54370MEDIUMacl2.3.1-16.3CVE-2026-54370
CVE-2026-54371MEDIUMattr1:2.5.1-1build17.1CVE-2026-54371
CVE-2026-54411MEDIUMpam1.4.0-11ubuntu2.6CVE-2026-54411
CVE-2026-5450MEDIUMglibc2.35-0ubuntu3.139.8CVE-2026-5450
CVE-2026-54514MEDIUMcom.fasterxml.jackson.core:jackson-databind2.13.4.22.18.85.3CVE-2026-54514
CVE-2026-54514MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.02.18.85.3CVE-2026-54514
CVE-2026-54514MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.12.18.85.3CVE-2026-54514
CVE-2026-54514MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.32.18.85.3CVE-2026-54514
CVE-2026-54514MEDIUMcom.fasterxml.jackson.core:jackson-databind2.16.02.18.85.3CVE-2026-54514
CVE-2026-54515MEDIUMcom.fasterxml.jackson.core:jackson-databind2.13.4.25.3CVE-2026-54515
CVE-2026-54515MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.05.3CVE-2026-54515
CVE-2026-54515MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.15.3CVE-2026-54515
CVE-2026-54515MEDIUMcom.fasterxml.jackson.core:jackson-databind2.14.35.3CVE-2026-54515
CVE-2026-54515MEDIUMcom.fasterxml.jackson.core:jackson-databind2.16.05.3CVE-2026-54515
CVE-2026-58469MEDIUMwget1.21.2-2ubuntu1.17.5CVE-2026-58469
CVE-2026-58470MEDIUMwget1.21.2-2ubuntu1.15.3CVE-2026-58470
CVE-2026-58471MEDIUMwget1.21.2-2ubuntu1.17.1CVE-2026-58471
CVE-2026-58472MEDIUMwget1.21.2-2ubuntu1.17.1CVE-2026-58472
CVE-2026-5928MEDIUMglibc2.35-0ubuntu3.137.5CVE-2026-5928
CVE-2026-6238MEDIUMglibc2.35-0ubuntu3.136.5CVE-2026-6238
CVE-2026-7017MEDIUMperl5.34.0-3ubuntu1.77.1CVE-2026-7017
CVE-2026-9538MEDIUMperl5.34.0-3ubuntu1.77.5CVE-2026-9538
GHSA-72hv-8253-57qqMEDIUMcom.fasterxml.jackson.core:jackson-core2.13.42.18.6GHSA-72hv-8253-57qq
GHSA-72hv-8253-57qqMEDIUMcom.fasterxml.jackson.core:jackson-core2.14.02.18.6GHSA-72hv-8253-57qq
GHSA-72hv-8253-57qqMEDIUMcom.fasterxml.jackson.core:jackson-core2.14.12.18.6GHSA-72hv-8253-57qq
GHSA-72hv-8253-57qqMEDIUMcom.fasterxml.jackson.core:jackson-core2.16.02.18.6GHSA-72hv-8253-57qq
CVE-2020-8908LOWcom.google.guava:guava31.1-jre32.0.0-android3.3CVE-2020-8908
CVE-2022-27943LOWgcc-1212.3.0-1ubuntu1~22.04.35.5CVE-2022-27943
CVE-2022-41409LOWpcre210.39-3ubuntu0.17.5CVE-2022-41409
CVE-2022-4899LOWlibzstd1.4.8+dfsg-3build17.5CVE-2022-4899
CVE-2023-29383LOWshadow1:4.8.1-2ubuntu2.23.3CVE-2023-29383
CVE-2023-50495LOWncurses6.3-2ubuntu0.26.5CVE-2023-50495
CVE-2024-10524LOWwget1.21.2-2ubuntu1.1CVE-2024-10524
CVE-2024-12801LOWch.qos.logback:logback-core1.2.131.3.15CVE-2024-12801
CVE-2024-2236LOWlibgcrypt201.9.4-3ubuntu3.25.9CVE-2024-2236
CVE-2024-56433LOWshadow1:4.8.1-2ubuntu2.2CVE-2024-56433
CVE-2025-11143LOWorg.eclipse.jetty:jetty-http9.4.57.v202412196.5CVE-2025-11143
CVE-2025-5278LOWcoreutils8.32-4.1ubuntu1.34.4CVE-2025-5278
CVE-2025-58056LOWio.netty:netty-codec-http4.1.101.Final4.1.125.Final7.5CVE-2025-58056
CVE-2025-6141LOWncurses6.3-2ubuntu0.23.3CVE-2025-6141
CVE-2026-10532LOWch.qos.logback:logback-core1.2.131.5.35CVE-2026-10532
CVE-2026-1225LOWch.qos.logback:logback-core1.2.131.5.25CVE-2026-1225
CVE-2026-42250LOWbzip21.0.8-5build1CVE-2026-42250
CVE-2026-42578LOWio.netty:netty-handler-proxy4.1.101.Final4.1.133.Final7.5CVE-2026-42578
CVE-2026-57062LOWgnupg22.2.27-3ubuntu2.5CVE-2026-57062
CVE-2026-9828LOWch.qos.logback:logback-core1.2.131.5.33CVE-2026-9828
CVE-2017-11164MINIMALpcre32:8.39-13ubuntu0.22.04.17.5CVE-2017-11164

Suppressed as not_affected by VEX statement (see the OpenVEX doc): CVE-2025-59250