VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-client@1.0.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-1jer-fvap-a3et Aliases: CVE-2017-3162 GHSA-pr9x-qmp5-j3rr	Improper Input Validation HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace	2.7.0 Affected by 0 other vulnerabilities.
VCID-teju-geqm-j7cy Aliases: CVE-2017-3161 GHSA-qm7f-r83w-3p46	Cross-site Scripting The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.	2.7.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1jer-fvap-a3et
Aliases:
CVE-2017-3162
GHSA-pr9x-qmp5-j3rr

Improper Input Validation HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace

2.7.0
Affected by 0 other vulnerabilities.

VCID-teju-geqm-j7cy
Aliases:
CVE-2017-3161
GHSA-qm7f-r83w-3p46

Cross-site Scripting The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.

2.7.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-417a-z2w6-s3bq	Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack.	CVE-2012-4449 GHSA-q46v-cj5v-hvg6

Vulnerability

Summary

Aliases

VCID-417a-z2w6-s3bq

Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack.

CVE-2012-4449
GHSA-q46v-cj5v-hvg6

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:54:38.249468+00:00	GitLab Importer	Fixing	VCID-417a-z2w6-s3bq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-4449.yml	38.4.0
2026-04-16T21:48:18.627674+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.4.0
2026-04-16T21:47:11.834908+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.4.0
2026-04-11T23:09:56.390220+00:00	GitLab Importer	Fixing	VCID-417a-z2w6-s3bq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-4449.yml	38.3.0
2026-04-11T23:04:12.034650+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.3.0
2026-04-11T23:03:00.973454+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.3.0
2026-04-04T14:31:05.344038+00:00	GHSA Importer	Fixing	VCID-417a-z2w6-s3bq	https://github.com/advisories/GHSA-q46v-cj5v-hvg6	38.1.0
2026-04-02T23:18:40.811132+00:00	GitLab Importer	Fixing	VCID-417a-z2w6-s3bq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-4449.yml	38.1.0
2026-04-02T23:12:33.600738+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.1.0
2026-04-02T23:11:24.933472+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.1.0
2026-04-01T17:39:01.952512+00:00	GitLab Importer	Fixing	VCID-417a-z2w6-s3bq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-4449.yml	38.0.0
2026-04-01T17:32:29.262538+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.0.0
2026-04-01T17:31:16.497759+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.0.0
2026-04-01T13:08:23.231880+00:00	GithubOSV Importer	Fixing	VCID-417a-z2w6-s3bq	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-q46v-cj5v-hvg6/GHSA-q46v-cj5v-hvg6.json	38.0.0