pkg:Maven/org.apache.hadoop:hadoop-main

13 total CVEsCRITICAL1HIGH10MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2017-15718Exposure of Sensitive Information in Hadoop
    >= 2.7.3, < 2.7.5
  • HIGH8.8CVE-2018-11764Authentication bypass in Apache Hadoop
    >= 3.0.0-alpha4, < 3.0.1
  • HIGH8.8CVE-2018-8029Privilege escalation vulnerability in Apache Hadoop
    >= 2.2.0, < 2.8.4
  • HIGH8.8CVE-2018-8009Path Traversal in Hadoop
    >= 3.1.0, < 3.1.1
  • HIGH8.8CVE-2018-11766Arbitrary Command Execution in Hadoop
    >= 2.7.4, < 2.7.7
  • HIGH7.8CVE-2017-3166Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
    from 0, < 2.7.3
  • HIGH7.5CVE-2012-2945Hadoop symlink vulnerability
    from 0, < 1.0.4
  • HIGH7.5CVE-2018-11765Improper Authentication in Apache Hadoop
    >= 3.0.0-alpha2, < 3.0.1
  • HIGH7.5CVE-2018-11768user/group information can be corrupted across storing in fsimage and reading back from fsimage
    >= 2.2.0, < 2.8.5
  • HIGH7.5CVE-2018-1296Exposure of Sensitive Information to an Unauthorized Actor in Hadoop
    from 0, < 2.7.6
  • HIGH7.4CVE-2018-11767Improper Privilege Management in org.apache.hadoop:hadoop-main
    >= 2.7.5, < 2.7.7
  • MEDIUM6.5CVE-2017-15713Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
    from 0, < 2.7.5
  • CVE-2012-1574Apache Hadoop allows impersonation of arbitrary cluster user accounts
    >= 0.23, < 0.23.2