1. Home
  2. Packages
  3. maven
  4. org.apache.hadoop
  5. hadoop-main

pkg:maven/org.apache.hadoop/hadoop-main

Type maven
Namespace org.apache.hadoop
Name hadoop-main

Known advisories, vulnerabilities and fixes for org.apache.hadoop/hadoop-main package.

Repository
https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-main
Critical 1
High 9
Moderate 3
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 3.0.0, < 3.1.1 >= 2.9.0, < 2.9.2 >= 2.2.0, < 2.8.4 CVE-2018-8029
maven MAVEN:GHSA-37PW-QW47-4JXM Privilege escalation vulnerability in Apache Hadoop high 2019-05-31T16:09:15
(5 years ago)
Fixed = 3.1.1 = 2.9.2 = 2.8.4 CVE-2018-8029
maven MAVEN:GHSA-37PW-QW47-4JXM Privilege escalation vulnerability in Apache Hadoop high 2019-05-31T16:09:15
(5 years ago)
Affected >= 2.8.0, < 2.8.3 < 2.7.5 CVE-2017-15713
maven MAVEN:GHSA-3V44-382Q-55F4 Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main moderate 2018-12-21T17:50:13
(5 years ago)
Fixed = 2.8.3 = 2.7.5 CVE-2017-15713
maven MAVEN:GHSA-3V44-382Q-55F4 Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main moderate 2018-12-21T17:50:13
(5 years ago)
Affected = 3.0.0 = 3.0.0-beta1 = 3.0.0-alpha4 CVE-2018-11764
maven MAVEN:GHSA-4FH8-PM7G-PMXQ Authentication bypass in Apache Hadoop high 2022-02-10T20:28:06
(2 years ago)
Fixed = 3.0.1 CVE-2018-11764
maven MAVEN:GHSA-4FH8-PM7G-PMXQ Authentication bypass in Apache Hadoop high 2022-02-10T20:28:06
(2 years ago)
Affected >= 2.9.0, < 2.9.2 >= 2.8.3, < 2.8.5 >= 2.7.5, < 2.7.7 CVE-2018-11767
maven MAVEN:GHSA-5CF4-JQWP-584G Improper Privilege Management in org.apache.hadoop:hadoop-main high 2019-03-25T16:17:32
(5 years ago)
Fixed = 2.9.2 = 2.8.5 = 2.7.7 CVE-2018-11767
maven MAVEN:GHSA-5CF4-JQWP-584G Improper Privilege Management in org.apache.hadoop:hadoop-main high 2019-03-25T16:17:32
(5 years ago)
Affected < 2.7.7 >= 2.8.0, < 2.8.5 >= 2.9.0, < 2.9.2 >= 3.0.0, < 3.0.3 = 3.1.0 CVE-2018-8009
maven MAVEN:GHSA-6X48-J4X4-CQW3 Path Traversal in Hadoop high 2018-12-21T17:50:29
(5 years ago)
Fixed = 2.7.7 = 2.8.5 = 2.9.2 = 3.0.3 = 3.1.1 CVE-2018-8009
maven MAVEN:GHSA-6X48-J4X4-CQW3 Path Traversal in Hadoop high 2018-12-21T17:50:29
(5 years ago)
Affected < 2.7.3 CVE-2017-3166
maven MAVEN:GHSA-99QR-9CC9-FV2X Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main moderate 2018-12-21T17:50:03
(5 years ago)
Fixed = 2.7.3 CVE-2017-3166
maven MAVEN:GHSA-99QR-9CC9-FV2X Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main moderate 2018-12-21T17:50:03
(5 years ago)
Affected >= 1.0, < 1.0.2 >= 0.23, < 0.23.2 CVE-2012-1574
maven MAVEN:GHSA-C6F9-4PMV-M7M6 Apache Hadoop allows impersonation of arbitrary cluster user accounts moderate 2022-05-17T02:54:07
(2 years ago)
Fixed = 1.0.2 = 0.23.2 CVE-2012-1574
maven MAVEN:GHSA-C6F9-4PMV-M7M6 Apache Hadoop allows impersonation of arbitrary cluster user accounts moderate 2022-05-17T02:54:07
(2 years ago)
Affected >= 3.0.0, < 3.1.1 >= 2.9.0, < 2.9.2 >= 2.2.0, < 2.8.5 CVE-2018-11768
maven MAVEN:GHSA-HX83-RPQF-M267 user/group information can be corrupted across storing in fsimage and reading back from fsimage high 2019-11-20T01:38:00
(4 years ago)
Fixed = 3.1.1 = 2.9.2 = 2.8.5 CVE-2018-11768
maven MAVEN:GHSA-HX83-RPQF-M267 user/group information can be corrupted across storing in fsimage and reading back from fsimage high 2019-11-20T01:38:00
(4 years ago)
Affected >= 2.7.3, <= 2.7.4 CVE-2017-15718
maven MAVEN:GHSA-MQ8P-H798-XCRP Exposure of Sensitive Information in Hadoop critical 2018-12-21T17:50:20
(5 years ago)
Fixed = 2.7.5 CVE-2017-15718
maven MAVEN:GHSA-MQ8P-H798-XCRP Exposure of Sensitive Information in Hadoop critical 2018-12-21T17:50:20
(5 years ago)
Affected >= 2.8.0, <= 2.8.5 >= 2.9.0, <= 2.9.2 >= 3.0.0-alpha2, <= 3.0.0 CVE-2018-11765
maven MAVEN:GHSA-RHH9-CM65-3W54 Improper Authentication in Apache Hadoop high 2021-04-30T17:29:30
(3 years ago)
Fixed = 2.8.6 = 2.9.3 = 3.0.1 CVE-2018-11765
maven MAVEN:GHSA-RHH9-CM65-3W54 Improper Authentication in Apache Hadoop high 2021-04-30T17:29:30
(3 years ago)
Affected >= 2.7.4, <= 2.7.6 CVE-2018-11766
maven MAVEN:GHSA-RQJ9-CQ6J-958R Arbitrary Command Execution in Hadoop high 2018-12-21T17:50:26
(5 years ago)
Fixed = 2.7.7 CVE-2018-11766
maven MAVEN:GHSA-RQJ9-CQ6J-958R Arbitrary Command Execution in Hadoop high 2018-12-21T17:50:26
(5 years ago)
Affected = 2.9.0 >= 2.8.0, < 2.8.4 < 2.7.6 CVE-2018-1296
maven MAVEN:GHSA-V569-G72V-Q434 Exposure of Sensitive Information to an Unauthorized Actor in Hadoop high 2019-02-12T17:26:12
(5 years ago)
Fixed = 2.9.1 = 2.8.4 = 2.7.6 CVE-2018-1296
maven MAVEN:GHSA-V569-G72V-Q434 Exposure of Sensitive Information to an Unauthorized Actor in Hadoop high 2019-02-12T17:26:12
(5 years ago)
Affected <= 1.0.3 CVE-2012-2945
maven MAVEN:GHSA-V5C9-98F7-2H54 Hadoop symlink vulnerability high 2022-04-23T00:40:07
(2 years ago)
Fixed = 1.0.4 CVE-2012-2945
maven MAVEN:GHSA-V5C9-98F7-2H54 Hadoop symlink vulnerability high 2022-04-23T00:40:07
(2 years ago)