VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-a7g7-weay-bqa1 Aliases: CVE-2025-27821 GHSA-92cc-952p-v8rh	Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.	3.4.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-a7g7-weay-bqa1
Aliases:
CVE-2025-27821
GHSA-92cc-952p-v8rh

Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

3.4.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-d4z5-7jk1-j3b7	User account escalation in Apache Hadoop In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.	CVE-2021-33036 GHSA-58jx-f5rf-qgqf

Vulnerability

Summary

Aliases

VCID-d4z5-7jk1-j3b7

User account escalation in Apache Hadoop In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.

CVE-2021-33036
GHSA-58jx-f5rf-qgqf

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-17T00:12:21.967332+00:00	GitLab Importer	Affected by	VCID-a7g7-weay-bqa1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2025-27821.yml	38.4.0
2026-04-16T22:03:48.327851+00:00	GitLab Importer	Fixing	VCID-d4z5-7jk1-j3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2021-33036.yml	38.4.0
2026-04-12T01:36:11.293249+00:00	GitLab Importer	Affected by	VCID-a7g7-weay-bqa1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2025-27821.yml	38.3.0
2026-04-11T23:19:30.379980+00:00	GitLab Importer	Fixing	VCID-d4z5-7jk1-j3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2021-33036.yml	38.3.0
2026-04-03T01:45:12.168763+00:00	GitLab Importer	Affected by	VCID-a7g7-weay-bqa1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2025-27821.yml	38.1.0
2026-04-02T23:26:58.581174+00:00	GitLab Importer	Fixing	VCID-d4z5-7jk1-j3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2021-33036.yml	38.1.0
2026-04-01T17:47:54.064916+00:00	GitLab Importer	Fixing	VCID-d4z5-7jk1-j3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-hdfs-native-client/CVE-2021-33036.yml	38.0.0