VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-kms@2.7.5

Search for packages

Vulnerability	Summary	Fixed by
VCID-hbtn-6f44-4fa2 Aliases: CVE-2018-11767 GHSA-5cf4-jqwp-584g	Improper Privilege Management Apache Hadoop blocks users or grants access to users incorrectly, if the system uses non-default groups mapping mechanisms.	2.7.7 Affected by 0 other vulnerabilities. 2.8.5 Affected by 0 other vulnerabilities. 2.9.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-hbtn-6f44-4fa2
Aliases:
CVE-2018-11767
GHSA-5cf4-jqwp-584g

Improper Privilege Management Apache Hadoop blocks users or grants access to users incorrectly, if the system uses non-default groups mapping mechanisms.

2.7.7
Affected by 0 other vulnerabilities.

2.8.5
Affected by 0 other vulnerabilities.

2.9.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-76cj-vggg-9bhe	Information Exposure The YARN NodeManager in Apache Hadoop can leak the password for credential store provider used by the NodeManager to YARN Applications.	CVE-2017-15718 GHSA-mq8p-h798-xcrp

Vulnerability

Summary

Aliases

VCID-76cj-vggg-9bhe

Information Exposure The YARN NodeManager in Apache Hadoop can leak the password for credential store provider used by the NodeManager to YARN Applications.

CVE-2017-15718
GHSA-mq8p-h798-xcrp

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:52:55.929930+00:00	GitLab Importer	Affected by	VCID-hbtn-6f44-4fa2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2018-11767.yml	38.4.0
2026-04-16T20:41:22.534554+00:00	GitLab Importer	Fixing	VCID-76cj-vggg-9bhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2017-15718.yml	38.4.0
2026-04-11T22:03:45.945254+00:00	GitLab Importer	Affected by	VCID-hbtn-6f44-4fa2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2018-11767.yml	38.3.0
2026-04-11T21:51:57.768742+00:00	GitLab Importer	Fixing	VCID-76cj-vggg-9bhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2017-15718.yml	38.3.0
2026-04-02T22:16:46.227565+00:00	GitLab Importer	Affected by	VCID-hbtn-6f44-4fa2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2018-11767.yml	38.1.0
2026-04-02T22:05:45.380550+00:00	GitLab Importer	Fixing	VCID-76cj-vggg-9bhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2017-15718.yml	38.1.0
2026-04-01T12:48:21.776420+00:00	GitLab Importer	Affected by	VCID-hbtn-6f44-4fa2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2018-11767.yml	38.0.0
2026-04-01T12:47:33.651407+00:00	GitLab Importer	Fixing	VCID-76cj-vggg-9bhe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-kms/CVE-2017-15718.yml	38.0.0