pkg:maven/org.apache.hadoop/hadoop-common
Type
maven
Namespace
org.apache.hadoop
Name
hadoop-common
Known advisories, vulnerabilities and fixes for org.apache.hadoop/hadoop-common package.
Critical
3
High
4
Moderate
3
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 2.7.0, <= 2.7.2 >= 2.6.0, <= 2.6.4 |
CVE-2016-5393
|
MAVEN:GHSA-7Q56-MP4C-GGGG | Improper Access Control in Apache Hadoop | high |
2022-05-17T03:35:31
(2 years ago) |
|
Fixed | = 2.7.3 = 2.6.5 |
CVE-2016-5393
|
MAVEN:GHSA-7Q56-MP4C-GGGG | Improper Access Control in Apache Hadoop | high |
2022-05-17T03:35:31
(2 years ago) |
|
Affected | >= 2.7.0, <= 2.7.1 <= 2.6.3 |
CVE-2016-5001
|
MAVEN:GHSA-8R28-R8CP-G6CP | Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop | moderate |
2022-05-13T01:08:56
(2 years ago) |
|
Fixed | = 2.7.2 = 2.6.4 |
CVE-2016-5001
|
MAVEN:GHSA-8R28-R8CP-G6CP | Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop | moderate |
2022-05-13T01:08:56
(2 years ago) |
|
Affected | >= 3.3.0, < 3.3.3 >= 3.0.0-alpha, < 3.2.4 >= 2.0.0, < 2.10.2 |
CVE-2022-25168
|
MAVEN:GHSA-8WM5-8H9C-47PC | Apache Hadoop argument injection vulnerability | critical |
2022-08-05T00:00:24
(2 years ago) |
|
Fixed | = 3.3.3 = 3.2.4 = 2.10.2 |
CVE-2022-25168
|
MAVEN:GHSA-8WM5-8H9C-47PC | Apache Hadoop argument injection vulnerability | critical |
2022-08-05T00:00:24
(2 years ago) |
|
Affected | >= 2.0.0, < 2.4.1 >= 0.23.0, < 0.23.11 |
CVE-2014-0229
|
MAVEN:GHSA-9R7G-325H-MXRM | Improper Authentication in Apache Hadoop | moderate |
2022-05-17T02:53:20
(2 years ago) |
|
Fixed | = 2.4.1 = 0.23.11 |
CVE-2014-0229
|
MAVEN:GHSA-9R7G-325H-MXRM | Improper Authentication in Apache Hadoop | moderate |
2022-05-17T02:53:20
(2 years ago) |
|
Affected | >= 3.0.0, < 3.1.4 >= 3.2.0, < 3.2.2 >= 2.0.0, < 2.10.1 |
CVE-2020-9492
|
MAVEN:GHSA-F8VC-WFC8-HXQH | Improper Privilege Management in Apache Hadoop | high |
2022-02-09T22:17:38
(2 years ago) |
|
Fixed | = 3.1.4 = 3.2.2 = 2.10.1 |
CVE-2020-9492
|
MAVEN:GHSA-F8VC-WFC8-HXQH | Improper Privilege Management in Apache Hadoop | high |
2022-02-09T22:17:38
(2 years ago) |
|
Affected | >= 2.6.0, <= 2.6.4 |
CVE-2015-1776
|
MAVEN:GHSA-G48F-FF5H-5F64 | Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop | moderate |
2022-05-17T03:44:57
(2 years ago) |
|
Fixed | = 2.6.5 |
CVE-2015-1776
|
MAVEN:GHSA-G48F-FF5H-5F64 | Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop | moderate |
2022-05-17T03:44:57
(2 years ago) |
|
Affected | < 3.2.3 |
CVE-2022-26612
|
MAVEN:GHSA-GX2C-FVHC-PH4J | Path traversal in Hadoop | critical |
2022-04-08T00:00:21
(2 years ago) |
|
Fixed | = 3.2.3 |
CVE-2022-26612
|
MAVEN:GHSA-GX2C-FVHC-PH4J | Path traversal in Hadoop | critical |
2022-04-08T00:00:21
(2 years ago) |
|
Affected | >= 3.0.0-alpha1, < 3.0.0-alpha3 < 2.8.1 |
CVE-2017-7669
|
MAVEN:GHSA-H24P-QWF4-84Q8 | Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation | high |
2022-05-17T02:41:57
(2 years ago) |
|
Fixed | = 3.0.0-alpha3 = 2.8.1 |
CVE-2017-7669
|
MAVEN:GHSA-H24P-QWF4-84Q8 | Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation | high |
2022-05-17T02:41:57
(2 years ago) |
|
Affected | >= 2.0.0-alpha, <= 2.7.3 |
CVE-2016-6811
|
MAVEN:GHSA-MF7C-35MQ-75PJ | Insecure Inherited Permissions in Apache Hadoop | high |
2022-05-14T03:24:59
(2 years ago) |
|
Fixed | = 2.7.4 |
CVE-2016-6811
|
MAVEN:GHSA-MF7C-35MQ-75PJ | Insecure Inherited Permissions in Apache Hadoop | high |
2022-05-14T03:24:59
(2 years ago) |
|
Affected | >= 0.23.0, < 0.23.9 >= 2.0.0, <= 2.0.5-alpha |
CVE-2013-2192
|
MAVEN:GHSA-PXV5-5VMP-3JJ4 | Improper Authentication in Apache Hadoop | low |
2022-05-17T02:54:07
(2 years ago) |
|
Fixed | = 0.23.9 = 2.0.6-alpha |
CVE-2013-2192
|
MAVEN:GHSA-PXV5-5VMP-3JJ4 | Improper Authentication in Apache Hadoop | low |
2022-05-17T02:54:07
(2 years ago) |
|
Affected | < 2.10.2 >= 3.0.0, < 3.2.3 >= 3.3.0, < 3.3.2 |
CVE-2021-37404
|
MAVEN:GHSA-RMPJ-7C96-MRG8 | Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 | critical |
2022-06-14T00:00:37
(2 years ago) |
|
Fixed | = 2.10.2 = 3.2.3 = 3.3.2 |
CVE-2021-37404
|
MAVEN:GHSA-RMPJ-7C96-MRG8 | Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 | critical |
2022-06-14T00:00:37
(2 years ago) |