Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hadoop/hadoop-common@0.23.11
Typemaven
Namespaceorg.apache.hadoop
Namehadoop-common
Version0.23.11
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.4.0
Latest_non_vulnerable_version3.4.0
Affected_by_vulnerabilities
0
url VCID-1h2m-ywk8-b7dm
vulnerability_id VCID-1h2m-ywk8-b7dm
summary 
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37404.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37404
reference_id
reference_type
scores
0
value 0.01071
scoring_system epss
scoring_elements 0.77812
published_at 2026-04-26T12:55:00Z
1
value 0.01071
scoring_system epss
scoring_elements 0.77803
published_at 2026-04-24T12:55:00Z
2
value 0.01071
scoring_system epss
scoring_elements 0.77771
published_at 2026-04-21T12:55:00Z
3
value 0.01071
scoring_system epss
scoring_elements 0.77777
published_at 2026-04-18T12:55:00Z
4
value 0.01071
scoring_system epss
scoring_elements 0.77779
published_at 2026-04-16T12:55:00Z
5
value 0.01071
scoring_system epss
scoring_elements 0.77742
published_at 2026-04-13T12:55:00Z
6
value 0.01071
scoring_system epss
scoring_elements 0.77743
published_at 2026-04-12T12:55:00Z
7
value 0.01071
scoring_system epss
scoring_elements 0.77758
published_at 2026-04-11T12:55:00Z
8
value 0.01071
scoring_system epss
scoring_elements 0.77682
published_at 2026-04-01T12:55:00Z
9
value 0.01071
scoring_system epss
scoring_elements 0.77689
published_at 2026-04-02T12:55:00Z
10
value 0.01071
scoring_system epss
scoring_elements 0.77716
published_at 2026-04-04T12:55:00Z
11
value 0.01071
scoring_system epss
scoring_elements 0.77699
published_at 2026-04-07T12:55:00Z
12
value 0.01071
scoring_system epss
scoring_elements 0.77732
published_at 2026-04-09T12:55:00Z
13
value 0.01071
scoring_system epss
scoring_elements 0.77727
published_at 2026-04-08T12:55:00Z
14
value 0.01455
scoring_system epss
scoring_elements 0.80887
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37404
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37404
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37404
5
reference_url https://security.netapp.com/advisory/ntap-20220715-0007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220715-0007
6
reference_url https://security.netapp.com/advisory/ntap-20220715-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220715-0007/
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2097421
reference_id 2097421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2097421
8
reference_url https://github.com/advisories/GHSA-rmpj-7c96-mrg8
reference_id GHSA-rmpj-7c96-mrg8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmpj-7c96-mrg8
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
purl pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
1
url pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
purl pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
1
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
2
url pkg:maven/org.apache.hadoop/hadoop-common@3.3.2
purl pkg:maven/org.apache.hadoop/hadoop-common@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
1
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.3.2
aliases CVE-2021-37404, GHSA-rmpj-7c96-mrg8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h2m-ywk8-b7dm
1
url VCID-3fz1-e6n6-rfh6
vulnerability_id VCID-3fz1-e6n6-rfh6
summary 
Apache Hadoop: Temporary File Local Information Disclosure
Apache Hadoop’s `RunJar.run()` does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. This is because, on unix-like systems, the system temporary directory is shared between all local users. As such, files written in this directory, without setting the correct posix permissions explicitly, may be viewable by all other local users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-23454
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.28393
published_at 2026-04-09T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.27953
published_at 2026-04-29T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28031
published_at 2026-04-26T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.28144
published_at 2026-04-24T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.28239
published_at 2026-04-21T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.28285
published_at 2026-04-18T12:55:00Z
6
value 0.00104
scoring_system epss
scoring_elements 0.28306
published_at 2026-04-16T12:55:00Z
7
value 0.00104
scoring_system epss
scoring_elements 0.28295
published_at 2026-04-13T12:55:00Z
8
value 0.00104
scoring_system epss
scoring_elements 0.28353
published_at 2026-04-12T12:55:00Z
9
value 0.00104
scoring_system epss
scoring_elements 0.2845
published_at 2026-04-02T12:55:00Z
10
value 0.00104
scoring_system epss
scoring_elements 0.28493
published_at 2026-04-04T12:55:00Z
11
value 0.00104
scoring_system epss
scoring_elements 0.28284
published_at 2026-04-07T12:55:00Z
12
value 0.00104
scoring_system epss
scoring_elements 0.2835
published_at 2026-04-08T12:55:00Z
13
value 0.00104
scoring_system epss
scoring_elements 0.28396
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-23454
1
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
2
reference_url https://github.com/apache/hadoop/commit/8c2836402fbb2f619f1fef4ef625a8542e853a64
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/8c2836402fbb2f619f1fef4ef625a8542e853a64
3
reference_url https://issues.apache.org/jira/browse/HADOOP-19031
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T15:19:22Z/
url https://issues.apache.org/jira/browse/HADOOP-19031
4
reference_url https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T15:19:22Z/
url https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-23454
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-23454
6
reference_url https://security.netapp.com/advisory/ntap-20241101-0002
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241101-0002
7
reference_url http://www.openwall.com/lists/oss-security/2024/09/25/1
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/09/25/1
8
reference_url https://github.com/advisories/GHSA-f5fw-25gw-5m92
reference_id GHSA-f5fw-25gw-5m92
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f5fw-25gw-5m92
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
purl pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
aliases CVE-2024-23454, GHSA-f5fw-25gw-5m92
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fz1-e6n6-rfh6
2
url VCID-5a9g-vebh-67cq
vulnerability_id VCID-5a9g-vebh-67cq
summary 
Exposure of Sensitive Information to an Unauthorized Actor
This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing certain fields in the token.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5001
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30242
published_at 2026-04-29T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30688
published_at 2026-04-12T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30644
published_at 2026-04-13T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30669
published_at 2026-04-16T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30652
published_at 2026-04-18T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30618
published_at 2026-04-21T12:55:00Z
6
value 0.00118
scoring_system epss
scoring_elements 0.30438
published_at 2026-04-24T12:55:00Z
7
value 0.00118
scoring_system epss
scoring_elements 0.30324
published_at 2026-04-26T12:55:00Z
8
value 0.00118
scoring_system epss
scoring_elements 0.30638
published_at 2026-04-01T12:55:00Z
9
value 0.00118
scoring_system epss
scoring_elements 0.30774
published_at 2026-04-02T12:55:00Z
10
value 0.00118
scoring_system epss
scoring_elements 0.30822
published_at 2026-04-04T12:55:00Z
11
value 0.00118
scoring_system epss
scoring_elements 0.3064
published_at 2026-04-07T12:55:00Z
12
value 0.00118
scoring_system epss
scoring_elements 0.30698
published_at 2026-04-08T12:55:00Z
13
value 0.00118
scoring_system epss
scoring_elements 0.3073
published_at 2026-04-09T12:55:00Z
14
value 0.00118
scoring_system epss
scoring_elements 0.30734
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5001
1
reference_url http://seclists.org/oss-sec/2016/q4/698
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2016/q4/698
2
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5001
reference_id CVE-2016-5001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5001
4
reference_url https://github.com/advisories/GHSA-8r28-r8cp-g6cp
reference_id GHSA-8r28-r8cp-g6cp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8r28-r8cp-g6cp
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.6.4
purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5k2f-qcuj-7yex
3
vulnerability VCID-67cn-ebsg-zbdd
4
vulnerability VCID-6fnh-mjwd-9qee
5
vulnerability VCID-6ue7-puv7-wbcb
6
vulnerability VCID-a8xd-ukj7-tqbk
7
vulnerability VCID-kt1w-97bw-r7bp
8
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.4
1
url pkg:maven/org.apache.hadoop/hadoop-common@2.7.2
purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5k2f-qcuj-7yex
3
vulnerability VCID-67cn-ebsg-zbdd
4
vulnerability VCID-6fnh-mjwd-9qee
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-kt1w-97bw-r7bp
7
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.2
aliases CVE-2016-5001, GHSA-8r28-r8cp-g6cp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5a9g-vebh-67cq
3
url VCID-kt1w-97bw-r7bp
vulnerability_id VCID-kt1w-97bw-r7bp
summary 
Information Exposure
Vulnerability in Apache Hadoop allows a cluster user to expose private files owned by the user running the `MapReduce` job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the `MapReduce` job history server host.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15713
reference_id
reference_type
scores
0
value 0.00311
scoring_system epss
scoring_elements 0.54321
published_at 2026-04-29T12:55:00Z
1
value 0.00311
scoring_system epss
scoring_elements 0.54382
published_at 2026-04-16T12:55:00Z
2
value 0.00311
scoring_system epss
scoring_elements 0.54364
published_at 2026-04-12T12:55:00Z
3
value 0.00311
scoring_system epss
scoring_elements 0.54343
published_at 2026-04-13T12:55:00Z
4
value 0.00311
scoring_system epss
scoring_elements 0.54386
published_at 2026-04-18T12:55:00Z
5
value 0.00311
scoring_system epss
scoring_elements 0.54367
published_at 2026-04-21T12:55:00Z
6
value 0.00311
scoring_system epss
scoring_elements 0.5433
published_at 2026-04-24T12:55:00Z
7
value 0.00311
scoring_system epss
scoring_elements 0.54345
published_at 2026-04-26T12:55:00Z
8
value 0.00311
scoring_system epss
scoring_elements 0.5426
published_at 2026-04-01T12:55:00Z
9
value 0.00311
scoring_system epss
scoring_elements 0.5428
published_at 2026-04-02T12:55:00Z
10
value 0.00311
scoring_system epss
scoring_elements 0.5431
published_at 2026-04-04T12:55:00Z
11
value 0.00311
scoring_system epss
scoring_elements 0.54285
published_at 2026-04-07T12:55:00Z
12
value 0.00311
scoring_system epss
scoring_elements 0.54337
published_at 2026-04-08T12:55:00Z
13
value 0.00311
scoring_system epss
scoring_elements 0.54332
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15713
1
reference_url https://lists.apache.org/thread.html/a790a251ace7213bde9f69777dedb453b1a01a6d18289c14a61d4f91@%3Cgeneral.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a790a251ace7213bde9f69777dedb453b1a01a6d18289c14a61d4f91@%3Cgeneral.hadoop.apache.org%3E
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15713
reference_id CVE-2017-15713
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15713
3
reference_url https://github.com/advisories/GHSA-3v44-382q-55f4
reference_id GHSA-3v44-382q-55f4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3v44-382q-55f4
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5a9g-vebh-67cq
3
vulnerability VCID-67cn-ebsg-zbdd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
1
url pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta
purl pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-179c-6pqr-dyb4
1
vulnerability VCID-1h2m-ywk8-b7dm
2
vulnerability VCID-3fz1-e6n6-rfh6
3
vulnerability VCID-5a9g-vebh-67cq
4
vulnerability VCID-67cn-ebsg-zbdd
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta
2
url pkg:maven/org.apache.hadoop/hadoop-common@2.8.3
purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-6fnh-mjwd-9qee
3
vulnerability VCID-a8xd-ukj7-tqbk
4
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.3
3
url pkg:maven/org.apache.hadoop/hadoop-common@3.0.1
purl pkg:maven/org.apache.hadoop/hadoop-common@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-6fnh-mjwd-9qee
3
vulnerability VCID-a8xd-ukj7-tqbk
4
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.0.1
aliases CVE-2017-15713, GHSA-3v44-382q-55f4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kt1w-97bw-r7bp
4
url VCID-p5ab-z4u4-akcv
vulnerability_id VCID-p5ab-z4u4-akcv
summary Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8009.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8009.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8009
reference_id
reference_type
scores
0
value 0.05894
scoring_system epss
scoring_elements 0.90613
published_at 2026-04-29T12:55:00Z
1
value 0.05894
scoring_system epss
scoring_elements 0.90617
published_at 2026-04-26T12:55:00Z
2
value 0.05894
scoring_system epss
scoring_elements 0.90616
published_at 2026-04-24T12:55:00Z
3
value 0.05894
scoring_system epss
scoring_elements 0.90601
published_at 2026-04-21T12:55:00Z
4
value 0.05894
scoring_system epss
scoring_elements 0.90604
published_at 2026-04-18T12:55:00Z
5
value 0.05894
scoring_system epss
scoring_elements 0.90544
published_at 2026-04-01T12:55:00Z
6
value 0.05894
scoring_system epss
scoring_elements 0.90548
published_at 2026-04-02T12:55:00Z
7
value 0.05894
scoring_system epss
scoring_elements 0.90559
published_at 2026-04-04T12:55:00Z
8
value 0.05894
scoring_system epss
scoring_elements 0.90567
published_at 2026-04-07T12:55:00Z
9
value 0.05894
scoring_system epss
scoring_elements 0.90579
published_at 2026-04-08T12:55:00Z
10
value 0.05894
scoring_system epss
scoring_elements 0.90585
published_at 2026-04-09T12:55:00Z
11
value 0.05894
scoring_system epss
scoring_elements 0.90595
published_at 2026-04-12T12:55:00Z
12
value 0.05894
scoring_system epss
scoring_elements 0.90589
published_at 2026-04-13T12:55:00Z
13
value 0.05894
scoring_system epss
scoring_elements 0.90607
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8009
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
5
reference_url https://github.com/apache/hadoop/commit/11a425d11a329010d0ff8255ecbcd1eb51b642e
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/11a425d11a329010d0ff8255ecbcd1eb51b642e
6
reference_url https://github.com/apache/hadoop/commit/12258c7cff8d32710fbd8b9088a930e3ce27432
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/12258c7cff8d32710fbd8b9088a930e3ce27432
7
reference_url https://github.com/apache/hadoop/commit/1373e3d8ad60e4da721a292912cb69243bfdf47
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/1373e3d8ad60e4da721a292912cb69243bfdf47
8
reference_url https://github.com/apache/hadoop/commit/45a1c680c276c4501402f7bc4cebcf85a6fbc7f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/45a1c680c276c4501402f7bc4cebcf85a6fbc7f
9
reference_url https://github.com/apache/hadoop/commit/65e55097da2bb3f2fbdf9ba1946da25fe58bec9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/65e55097da2bb3f2fbdf9ba1946da25fe58bec9
10
reference_url https://github.com/apache/hadoop/commit/6a4ae6f6eeed1392a4828a5721fa1499f65bdde
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/6a4ae6f6eeed1392a4828a5721fa1499f65bdde
11
reference_url https://github.com/apache/hadoop/commit/6d7d192e4799b51931e55217e02baec14d49607
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/6d7d192e4799b51931e55217e02baec14d49607
12
reference_url https://github.com/apache/hadoop/commit/745f203e577bacb35b042206db94615141fa5e6
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/745f203e577bacb35b042206db94615141fa5e6
13
reference_url https://github.com/apache/hadoop/commit/bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde
14
reference_url https://github.com/apache/hadoop/commit/cedc28d4ab2a27ba47e15ab2711218d96ec88d2
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/cedc28d4ab2a27ba47e15ab2711218d96ec88d2
15
reference_url https://github.com/apache/hadoop/commit/e3236a9680709de7a95ffbc11b20e1bdc95a860
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/e3236a9680709de7a95ffbc11b20e1bdc95a860
16
reference_url https://github.com/apache/hadoop/commit/eaa2b8035b584dfcf7c79a33484eb2dffd3fdb1
reference_id
reference_type
scores
url https://github.com/apache/hadoop/commit/eaa2b8035b584dfcf7c79a33484eb2dffd3fdb1
17
reference_url https://github.com/apache/hadoop/commit/fc4c20fc3469674cb584a4fb98bac7e3c2277c9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/fc4c20fc3469674cb584a4fb98bac7e3c2277c9
18
reference_url https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop
19
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/a1c227745ce30acbcf388c5b0cc8423e8bf495d619cd0fa973f7f38d@%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a1c227745ce30acbcf388c5b0cc8423e8bf495d619cd0fa973f7f38d@%3Cuser.hadoop.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r4dddf1705dbedfa94392913b2dad1cd2d1d89040facd389eea0b3510@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4dddf1705dbedfa94392913b2dad1cd2d1d89040facd389eea0b3510@%3Ccommits.druid.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb21df54a4e39732ce653d2aa5672e36a792b59eb6717f2a06bb8d02a@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb21df54a4e39732ce653d2aa5672e36a792b59eb6717f2a06bb8d02a@%3Ccommits.druid.apache.org%3E
23
reference_url https://snyk.io/research/zip-slip-vulnerability
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/research/zip-slip-vulnerability
24
reference_url http://www.securityfocus.com/bid/105927
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105927
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1593018
reference_id 1593018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1593018
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8009
reference_id CVE-2018-8009
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8009
27
reference_url https://github.com/advisories/GHSA-6x48-j4x4-cqw3
reference_id GHSA-6x48-j4x4-cqw3
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6x48-j4x4-cqw3
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5a9g-vebh-67cq
3
vulnerability VCID-67cn-ebsg-zbdd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha
1
url pkg:maven/org.apache.hadoop/hadoop-common@2.7.7
purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-6fnh-mjwd-9qee
3
vulnerability VCID-a8xd-ukj7-tqbk
4
vulnerability VCID-kt1w-97bw-r7bp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.7
2
url pkg:maven/org.apache.hadoop/hadoop-common@2.8.5
purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.5
3
url pkg:maven/org.apache.hadoop/hadoop-common@2.9.2
purl pkg:maven/org.apache.hadoop/hadoop-common@2.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.9.2
4
url pkg:maven/org.apache.hadoop/hadoop-common@3.1.1
purl pkg:maven/org.apache.hadoop/hadoop-common@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.1.1
aliases CVE-2018-8009, GHSA-6x48-j4x4-cqw3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5ab-z4u4-akcv
Fixing_vulnerabilities
0
url VCID-179c-6pqr-dyb4
vulnerability_id VCID-179c-6pqr-dyb4
summary 
Improper Authentication in Apache Hadoop
Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0229
reference_id
reference_type
scores
0
value 0.0037
scoring_system epss
scoring_elements 0.58881
published_at 2026-04-29T12:55:00Z
1
value 0.0037
scoring_system epss
scoring_elements 0.58898
published_at 2026-04-12T12:55:00Z
2
value 0.0037
scoring_system epss
scoring_elements 0.58916
published_at 2026-04-11T12:55:00Z
3
value 0.0037
scoring_system epss
scoring_elements 0.58879
published_at 2026-04-24T12:55:00Z
4
value 0.0037
scoring_system epss
scoring_elements 0.58912
published_at 2026-04-16T12:55:00Z
5
value 0.0037
scoring_system epss
scoring_elements 0.58917
published_at 2026-04-18T12:55:00Z
6
value 0.0037
scoring_system epss
scoring_elements 0.58894
published_at 2026-04-21T12:55:00Z
7
value 0.0037
scoring_system epss
scoring_elements 0.58895
published_at 2026-04-26T12:55:00Z
8
value 0.0037
scoring_system epss
scoring_elements 0.58775
published_at 2026-04-01T12:55:00Z
9
value 0.0037
scoring_system epss
scoring_elements 0.58849
published_at 2026-04-02T12:55:00Z
10
value 0.0037
scoring_system epss
scoring_elements 0.58872
published_at 2026-04-04T12:55:00Z
11
value 0.0037
scoring_system epss
scoring_elements 0.5884
published_at 2026-04-07T12:55:00Z
12
value 0.0037
scoring_system epss
scoring_elements 0.58893
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0229
1
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_i1q_xvk_2r
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_i1q_xvk_2r
2
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:cloudera:cdh:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:cloudera:cdh:5.0.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:beta:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:cloudera:cdh:5.0.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cloudera:cdh:5.0.0:beta2:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0229
reference_id CVE-2014-0229
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0229
28
reference_url https://github.com/advisories/GHSA-9r7g-325h-mxrm
reference_id GHSA-9r7g-325h-mxrm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9r7g-325h-mxrm
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@0.23.11
purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5a9g-vebh-67cq
3
vulnerability VCID-kt1w-97bw-r7bp
4
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.11
1
url pkg:maven/org.apache.hadoop/hadoop-common@2.4.1
purl pkg:maven/org.apache.hadoop/hadoop-common@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1h2m-ywk8-b7dm
1
vulnerability VCID-3fz1-e6n6-rfh6
2
vulnerability VCID-5a9g-vebh-67cq
3
vulnerability VCID-67cn-ebsg-zbdd
4
vulnerability VCID-6fnh-mjwd-9qee
5
vulnerability VCID-a8xd-ukj7-tqbk
6
vulnerability VCID-kt1w-97bw-r7bp
7
vulnerability VCID-p5ab-z4u4-akcv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.4.1
aliases CVE-2014-0229, GHSA-9r7g-325h-mxrm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-179c-6pqr-dyb4
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.11