VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha

Search for packages

Vulnerability	Summary	Fixed by
VCID-1jer-fvap-a3et Aliases: CVE-2017-3162 GHSA-pr9x-qmp5-j3rr	Improper Input Validation HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace	2.7.0 Affected by 0 other vulnerabilities.
VCID-6x8y-ffja-k3cw Aliases: CVE-2012-3376 GHSA-qmh2-h7r6-gm6q	Client BlockTokens not checked in Apache Hadoop DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.	2.0.1-alpha Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-teju-geqm-j7cy Aliases: CVE-2017-3161 GHSA-qm7f-r83w-3p46	Cross-site Scripting The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.	2.7.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1jer-fvap-a3et
Aliases:
CVE-2017-3162
GHSA-pr9x-qmp5-j3rr

Improper Input Validation HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace

2.7.0
Affected by 0 other vulnerabilities.

VCID-6x8y-ffja-k3cw
Aliases:
CVE-2012-3376
GHSA-qmh2-h7r6-gm6q

Client BlockTokens not checked in Apache Hadoop DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.

2.0.1-alpha
Affected by 4 other vulnerabilities.

VCID-teju-geqm-j7cy
Aliases:
CVE-2017-3161
GHSA-qm7f-r83w-3p46

Cross-site Scripting The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.

2.7.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:53:44.912481+00:00	GitLab Importer	Affected by	VCID-6x8y-ffja-k3cw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-3376.yml	38.4.0
2026-04-16T21:48:18.649167+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.4.0
2026-04-16T21:47:11.855780+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.4.0
2026-04-11T23:09:09.966934+00:00	GitLab Importer	Affected by	VCID-6x8y-ffja-k3cw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-3376.yml	38.3.0
2026-04-11T23:04:12.056371+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.3.0
2026-04-11T23:03:00.998050+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.3.0
2026-04-04T14:31:23.978909+00:00	GHSA Importer	Affected by	VCID-6x8y-ffja-k3cw	https://github.com/advisories/GHSA-qmh2-h7r6-gm6q	38.1.0
2026-04-02T23:17:52.999381+00:00	GitLab Importer	Affected by	VCID-6x8y-ffja-k3cw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-3376.yml	38.1.0
2026-04-02T23:12:33.620334+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.1.0
2026-04-02T23:11:24.953143+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.1.0
2026-04-01T17:38:07.701387+00:00	GitLab Importer	Affected by	VCID-6x8y-ffja-k3cw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2012-3376.yml	38.0.0
2026-04-01T17:32:29.284663+00:00	GitLab Importer	Affected by	VCID-1jer-fvap-a3et	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3162.yml	38.0.0
2026-04-01T17:31:16.525556+00:00	GitLab Importer	Affected by	VCID-teju-geqm-j7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-client/CVE-2017-3161.yml	38.0.0
2026-04-01T13:10:14.232471+00:00	GithubOSV Importer	Affected by	VCID-6x8y-ffja-k3cw	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qmh2-h7r6-gm6q/GHSA-qmh2-h7r6-gm6q.json	38.0.0