diff --git a/2020/25xxx/CVE-2020-25649.json b/2020/25xxx/CVE-2020-25649.json
index d3c5d3ae1f5..55ab987ea4a 100644
--- a/2020/25xxx/CVE-2020-25649.json
+++ b/2020/25xxx/CVE-2020-25649.json
@@ -248,6 +248,16 @@
                 "refsource": "MLIST",
                 "name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre commented on pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
                 "url": "https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[hive-issues] 20210223 [jira] [Assigned] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
+                "url": "https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[hive-dev] 20210223 [jira] [Created] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
+                "url": "https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E"
             }
         ]
     },