Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hadoop/hadoop-client@2.0.2-alpha
Typemaven
Namespaceorg.apache.hadoop
Namehadoop-client
Version2.0.2-alpha
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.0
Latest_non_vulnerable_version2.7.0
Affected_by_vulnerabilities
0
url VCID-1jer-fvap-a3et
vulnerability_id VCID-1jer-fvap-a3et
summary 
Improper Input Validation
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3162
reference_id
reference_type
scores
0
value 0.01938
scoring_system epss
scoring_elements 0.83424
published_at 2026-04-11T12:55:00Z
1
value 0.01938
scoring_system epss
scoring_elements 0.83484
published_at 2026-04-29T12:55:00Z
2
value 0.01938
scoring_system epss
scoring_elements 0.83414
published_at 2026-04-13T12:55:00Z
3
value 0.01938
scoring_system epss
scoring_elements 0.8336
published_at 2026-04-02T12:55:00Z
4
value 0.01938
scoring_system epss
scoring_elements 0.83375
published_at 2026-04-07T12:55:00Z
5
value 0.01938
scoring_system epss
scoring_elements 0.83399
published_at 2026-04-08T12:55:00Z
6
value 0.01938
scoring_system epss
scoring_elements 0.83409
published_at 2026-04-09T12:55:00Z
7
value 0.01938
scoring_system epss
scoring_elements 0.83419
published_at 2026-04-12T12:55:00Z
8
value 0.01938
scoring_system epss
scoring_elements 0.83481
published_at 2026-04-26T12:55:00Z
9
value 0.01938
scoring_system epss
scoring_elements 0.83474
published_at 2026-04-24T12:55:00Z
10
value 0.01938
scoring_system epss
scoring_elements 0.83451
published_at 2026-04-21T12:55:00Z
11
value 0.01938
scoring_system epss
scoring_elements 0.83449
published_at 2026-04-16T12:55:00Z
12
value 0.01938
scoring_system epss
scoring_elements 0.83346
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3162
1
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
5
reference_url https://s.apache.org/k2ss
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://s.apache.org/k2ss
6
reference_url http://www.securityfocus.com/bid/98017
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98017
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3162
reference_id CVE-2017-3162
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3162
9
reference_url https://github.com/advisories/GHSA-pr9x-qmp5-j3rr
reference_id GHSA-pr9x-qmp5-j3rr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pr9x-qmp5-j3rr
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
aliases CVE-2017-3162, GHSA-pr9x-qmp5-j3rr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jer-fvap-a3et
1
url VCID-417a-z2w6-s3bq
vulnerability_id VCID-417a-z2w6-s3bq
summary 
Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop
Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201210.mbox/%3CCA+z3+9FYdPmzBEaMZ71SUqzRx=eU=o4mSHUsbrpzgR9X_F1c0Q%40mail.gmail.com%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201210.mbox/%3CCA+z3+9FYdPmzBEaMZ71SUqzRx=eU=o4mSHUsbrpzgR9X_F1c0Q%40mail.gmail.com%3E
1
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201210.mbox/%3CCA+z3+9FYdPmzBEaMZ71SUqzRx=eU=o4mSHUsbrpzgR9X_F1c0Q@mail.gmail.com%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201210.mbox/%3CCA+z3+9FYdPmzBEaMZ71SUqzRx=eU=o4mSHUsbrpzgR9X_F1c0Q@mail.gmail.com%3E
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4449
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.609
published_at 2026-04-29T12:55:00Z
1
value 0.00403
scoring_system epss
scoring_elements 0.60893
published_at 2026-04-12T12:55:00Z
2
value 0.00403
scoring_system epss
scoring_elements 0.60873
published_at 2026-04-13T12:55:00Z
3
value 0.00403
scoring_system epss
scoring_elements 0.60916
published_at 2026-04-16T12:55:00Z
4
value 0.00403
scoring_system epss
scoring_elements 0.6092
published_at 2026-04-18T12:55:00Z
5
value 0.00403
scoring_system epss
scoring_elements 0.60905
published_at 2026-04-21T12:55:00Z
6
value 0.00403
scoring_system epss
scoring_elements 0.60895
published_at 2026-04-24T12:55:00Z
7
value 0.00403
scoring_system epss
scoring_elements 0.60908
published_at 2026-04-26T12:55:00Z
8
value 0.00403
scoring_system epss
scoring_elements 0.60754
published_at 2026-04-01T12:55:00Z
9
value 0.00403
scoring_system epss
scoring_elements 0.60827
published_at 2026-04-02T12:55:00Z
10
value 0.00403
scoring_system epss
scoring_elements 0.60856
published_at 2026-04-04T12:55:00Z
11
value 0.00403
scoring_system epss
scoring_elements 0.6082
published_at 2026-04-07T12:55:00Z
12
value 0.00403
scoring_system epss
scoring_elements 0.60869
published_at 2026-04-08T12:55:00Z
13
value 0.00403
scoring_system epss
scoring_elements 0.60885
published_at 2026-04-09T12:55:00Z
14
value 0.00403
scoring_system epss
scoring_elements 0.60906
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4449
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4449
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-4449
4
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#topic_1_0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#topic_1_0
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:1.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.0:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:1.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.2:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:1.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:1.0.3:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
13
reference_url https://github.com/advisories/GHSA-q46v-cj5v-hvg6
reference_id GHSA-q46v-cj5v-hvg6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q46v-cj5v-hvg6
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.2
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.2
1
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
aliases CVE-2012-4449, GHSA-q46v-cj5v-hvg6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-417a-z2w6-s3bq
2
url VCID-s1ru-ts2c-ubf5
vulnerability_id VCID-s1ru-ts2c-ubf5
summary 
Improper Link Resolution Before File Access in Apache Hadoop
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E
1
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug@mail.gmail.com%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug@mail.gmail.com%3E
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3627.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3627.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3627
reference_id
reference_type
scores
0
value 0.01616
scoring_system epss
scoring_elements 0.81732
published_at 2026-04-01T12:55:00Z
1
value 0.01616
scoring_system epss
scoring_elements 0.81877
published_at 2026-04-29T12:55:00Z
2
value 0.01616
scoring_system epss
scoring_elements 0.81838
published_at 2026-04-21T12:55:00Z
3
value 0.01616
scoring_system epss
scoring_elements 0.81862
published_at 2026-04-24T12:55:00Z
4
value 0.01616
scoring_system epss
scoring_elements 0.81872
published_at 2026-04-26T12:55:00Z
5
value 0.01616
scoring_system epss
scoring_elements 0.81742
published_at 2026-04-02T12:55:00Z
6
value 0.01616
scoring_system epss
scoring_elements 0.81765
published_at 2026-04-04T12:55:00Z
7
value 0.01616
scoring_system epss
scoring_elements 0.81763
published_at 2026-04-07T12:55:00Z
8
value 0.01616
scoring_system epss
scoring_elements 0.8179
published_at 2026-04-08T12:55:00Z
9
value 0.01616
scoring_system epss
scoring_elements 0.81796
published_at 2026-04-09T12:55:00Z
10
value 0.01616
scoring_system epss
scoring_elements 0.81815
published_at 2026-04-11T12:55:00Z
11
value 0.01616
scoring_system epss
scoring_elements 0.81803
published_at 2026-04-12T12:55:00Z
12
value 0.01616
scoring_system epss
scoring_elements 0.81798
published_at 2026-04-13T12:55:00Z
13
value 0.01616
scoring_system epss
scoring_elements 0.81835
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3627
4
reference_url http://secunia.com/advisories/60079
reference_id
reference_type
scores
url http://secunia.com/advisories/60079
5
reference_url http://secunia.com/advisories/60432
reference_id
reference_type
scores
url http://secunia.com/advisories/60432
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3627
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3627
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1170479
reference_id 1170479
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1170479
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
34
reference_url https://github.com/advisories/GHSA-jpmf-8cj2-595g
reference_id GHSA-jpmf-8cj2-595g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpmf-8cj2-595g
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
purl pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
aliases CVE-2014-3627, GHSA-jpmf-8cj2-595g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1ru-ts2c-ubf5
3
url VCID-teju-geqm-j7cy
vulnerability_id VCID-teju-geqm-j7cy
summary 
Cross-site Scripting
The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3161
reference_id
reference_type
scores
0
value 0.058
scoring_system epss
scoring_elements 0.90484
published_at 2026-04-04T12:55:00Z
1
value 0.058
scoring_system epss
scoring_elements 0.90537
published_at 2026-04-29T12:55:00Z
2
value 0.058
scoring_system epss
scoring_elements 0.9054
published_at 2026-04-26T12:55:00Z
3
value 0.058
scoring_system epss
scoring_elements 0.90508
published_at 2026-04-09T12:55:00Z
4
value 0.058
scoring_system epss
scoring_elements 0.90502
published_at 2026-04-08T12:55:00Z
5
value 0.058
scoring_system epss
scoring_elements 0.90473
published_at 2026-04-02T12:55:00Z
6
value 0.058
scoring_system epss
scoring_elements 0.9049
published_at 2026-04-07T12:55:00Z
7
value 0.058
scoring_system epss
scoring_elements 0.90526
published_at 2026-04-21T12:55:00Z
8
value 0.058
scoring_system epss
scoring_elements 0.90528
published_at 2026-04-18T12:55:00Z
9
value 0.058
scoring_system epss
scoring_elements 0.9051
published_at 2026-04-13T12:55:00Z
10
value 0.058
scoring_system epss
scoring_elements 0.90517
published_at 2026-04-12T12:55:00Z
11
value 0.058
scoring_system epss
scoring_elements 0.90469
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3161
1
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
5
reference_url https://s.apache.org/4MQm
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://s.apache.org/4MQm
6
reference_url http://www.securityfocus.com/bid/98025
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98025
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3161
reference_id CVE-2017-3161
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3161
9
reference_url https://github.com/advisories/GHSA-qm7f-r83w-3p46
reference_id GHSA-qm7f-r83w-3p46
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qm7f-r83w-3p46
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
aliases CVE-2017-3161, GHSA-qm7f-r83w-3p46
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-teju-geqm-j7cy
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.2-alpha