Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.hadoop/hadoop-yarn-server@2.10.2
purl pkg:maven/org.apache.hadoop/hadoop-yarn-server@2.10.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-r29h-hzhg-uyce Deserialization of Untrusted Data in Apache Hadoop YARN ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used. CVE-2021-25642
GHSA-rr2m-gffv-mgrj

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:07:44.820545+00:00 GitLab Importer Fixing VCID-r29h-hzhg-uyce https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-yarn-server/CVE-2021-25642.yml 38.4.0
2026-04-11T23:24:07.692760+00:00 GitLab Importer Fixing VCID-r29h-hzhg-uyce https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-yarn-server/CVE-2021-25642.yml 38.3.0
2026-04-02T23:30:33.670391+00:00 GitLab Importer Fixing VCID-r29h-hzhg-uyce https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-yarn-server/CVE-2021-25642.yml 38.1.0
2026-04-01T17:52:03.673322+00:00 GitLab Importer Fixing VCID-r29h-hzhg-uyce https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-yarn-server/CVE-2021-25642.yml 38.0.0
2026-04-01T16:03:01.823267+00:00 GHSA Importer Fixing VCID-r29h-hzhg-uyce https://github.com/advisories/GHSA-rr2m-gffv-mgrj 38.0.0
2026-04-01T13:06:45.541295+00:00 GithubOSV Importer Fixing VCID-r29h-hzhg-uyce https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-rr2m-gffv-mgrj/GHSA-rr2m-gffv-mgrj.json 38.0.0