Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
Typemaven
Namespaceorg.apache.hadoop
Namehadoop-hdfs-native-client
Version3.2.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.4.2
Latest_non_vulnerable_version3.4.2
Affected_by_vulnerabilities
0
url VCID-a7g7-weay-bqa1
vulnerability_id VCID-a7g7-weay-bqa1
summary 
Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client.

This issue affects Apache Hadoop: from 3.2.0 before 3.4.2.

Users are recommended to upgrade to version 3.4.2, which fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27821
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13774
published_at 2026-04-02T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14241
published_at 2026-04-29T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.14324
published_at 2026-04-24T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.143
published_at 2026-04-26T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14227
published_at 2026-04-18T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14336
published_at 2026-04-13T12:55:00Z
6
value 0.00047
scoring_system epss
scoring_elements 0.14391
published_at 2026-04-12T12:55:00Z
7
value 0.00047
scoring_system epss
scoring_elements 0.14428
published_at 2026-04-11T12:55:00Z
8
value 0.00047
scoring_system epss
scoring_elements 0.14478
published_at 2026-04-09T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14423
published_at 2026-04-08T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.1434
published_at 2026-04-07T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.1453
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27821
1
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
2
reference_url https://github.com/apache/hadoop/commit/2b32e46f666c7645f5d1e026be3982b99319ccb8
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/2b32e46f666c7645f5d1e026be3982b99319ccb8
3
reference_url https://github.com/apache/hadoop/pull/7481
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/pull/7481
4
reference_url https://issues.apache.org/jira/browse/HDFS-17754
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HDFS-17754
5
reference_url https://lists.apache.org/thread/kwjhyyx0wl2z9b0mw0styjk0hhdbyplh
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-26T18:13:15Z/
url https://lists.apache.org/thread/kwjhyyx0wl2z9b0mw0styjk0hhdbyplh
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-27821
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-27821
7
reference_url http://www.openwall.com/lists/oss-security/2026/01/23/7
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/01/23/7
8
reference_url https://github.com/advisories/GHSA-92cc-952p-v8rh
reference_id GHSA-92cc-952p-v8rh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-92cc-952p-v8rh
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.4.2
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.4.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.4.2
aliases CVE-2025-27821, GHSA-92cc-952p-v8rh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7g7-weay-bqa1
1
url VCID-d4z5-7jk1-j3b7
vulnerability_id VCID-d4z5-7jk1-j3b7
summary 
User account escalation in Apache Hadoop
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33036.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33036
reference_id
reference_type
scores
0
value 0.02095
scoring_system epss
scoring_elements 0.84102
published_at 2026-04-29T12:55:00Z
1
value 0.02095
scoring_system epss
scoring_elements 0.84098
published_at 2026-04-26T12:55:00Z
2
value 0.02095
scoring_system epss
scoring_elements 0.84092
published_at 2026-04-24T12:55:00Z
3
value 0.02095
scoring_system epss
scoring_elements 0.84066
published_at 2026-04-21T12:55:00Z
4
value 0.02095
scoring_system epss
scoring_elements 0.84065
published_at 2026-04-18T12:55:00Z
5
value 0.02095
scoring_system epss
scoring_elements 0.84063
published_at 2026-04-16T12:55:00Z
6
value 0.02095
scoring_system epss
scoring_elements 0.8404
published_at 2026-04-13T12:55:00Z
7
value 0.02095
scoring_system epss
scoring_elements 0.83972
published_at 2026-04-01T12:55:00Z
8
value 0.02095
scoring_system epss
scoring_elements 0.84051
published_at 2026-04-11T12:55:00Z
9
value 0.02095
scoring_system epss
scoring_elements 0.84034
published_at 2026-04-09T12:55:00Z
10
value 0.02095
scoring_system epss
scoring_elements 0.84028
published_at 2026-04-08T12:55:00Z
11
value 0.02095
scoring_system epss
scoring_elements 0.84005
published_at 2026-04-07T12:55:00Z
12
value 0.02095
scoring_system epss
scoring_elements 0.84002
published_at 2026-04-04T12:55:00Z
13
value 0.02095
scoring_system epss
scoring_elements 0.83987
published_at 2026-04-02T12:55:00Z
14
value 0.02095
scoring_system epss
scoring_elements 0.84044
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33036
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
4
reference_url https://github.com/apache/hadoop/commit/227d64ab59e8aa6477769b2542ad0cd7a6d855cb
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/227d64ab59e8aa6477769b2542ad0cd7a6d855cb
5
reference_url https://github.com/apache/hadoop/commit/45801fba8b00257ab32c02a7d1a05948ba687a49
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/45801fba8b00257ab32c02a7d1a05948ba687a49
6
reference_url https://github.com/apache/hadoop/commit/ba041fe6d34215f075e0a7b2078d7273147e14b7
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/ba041fe6d34215f075e0a7b2078d7273147e14b7
7
reference_url https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33036
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33036
9
reference_url https://security.netapp.com/advisory/ntap-20220722-0003
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220722-0003
10
reference_url https://security.netapp.com/advisory/ntap-20220722-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220722-0003/
11
reference_url http://www.openwall.com/lists/oss-security/2022/06/15/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/15/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102826
reference_id 2102826
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102826
13
reference_url https://github.com/advisories/GHSA-58jx-f5rf-qgqf
reference_id GHSA-58jx-f5rf-qgqf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-58jx-f5rf-qgqf
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.4
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.4
1
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
1
vulnerability VCID-s95m-v2xc-ayen
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
aliases CVE-2021-33036, GHSA-58jx-f5rf-qgqf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4z5-7jk1-j3b7
Fixing_vulnerabilities
0
url VCID-1h2m-ywk8-b7dm
vulnerability_id VCID-1h2m-ywk8-b7dm
summary 
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37404.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37404
reference_id
reference_type
scores
0
value 0.01071
scoring_system epss
scoring_elements 0.77812
published_at 2026-04-26T12:55:00Z
1
value 0.01071
scoring_system epss
scoring_elements 0.77803
published_at 2026-04-24T12:55:00Z
2
value 0.01071
scoring_system epss
scoring_elements 0.77771
published_at 2026-04-21T12:55:00Z
3
value 0.01071
scoring_system epss
scoring_elements 0.77777
published_at 2026-04-18T12:55:00Z
4
value 0.01071
scoring_system epss
scoring_elements 0.77779
published_at 2026-04-16T12:55:00Z
5
value 0.01071
scoring_system epss
scoring_elements 0.77742
published_at 2026-04-13T12:55:00Z
6
value 0.01071
scoring_system epss
scoring_elements 0.77743
published_at 2026-04-12T12:55:00Z
7
value 0.01071
scoring_system epss
scoring_elements 0.77758
published_at 2026-04-11T12:55:00Z
8
value 0.01071
scoring_system epss
scoring_elements 0.77682
published_at 2026-04-01T12:55:00Z
9
value 0.01071
scoring_system epss
scoring_elements 0.77689
published_at 2026-04-02T12:55:00Z
10
value 0.01071
scoring_system epss
scoring_elements 0.77716
published_at 2026-04-04T12:55:00Z
11
value 0.01071
scoring_system epss
scoring_elements 0.77699
published_at 2026-04-07T12:55:00Z
12
value 0.01071
scoring_system epss
scoring_elements 0.77732
published_at 2026-04-09T12:55:00Z
13
value 0.01071
scoring_system epss
scoring_elements 0.77727
published_at 2026-04-08T12:55:00Z
14
value 0.01455
scoring_system epss
scoring_elements 0.80887
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37404
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37404
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37404
5
reference_url https://security.netapp.com/advisory/ntap-20220715-0007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220715-0007
6
reference_url https://security.netapp.com/advisory/ntap-20220715-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220715-0007/
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2097421
reference_id 2097421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2097421
8
reference_url https://github.com/advisories/GHSA-rmpj-7c96-mrg8
reference_id GHSA-rmpj-7c96-mrg8
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmpj-7c96-mrg8
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@2.10.2
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@2.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s95m-v2xc-ayen
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@2.10.2
1
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
1
vulnerability VCID-d4z5-7jk1-j3b7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
2
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
1
vulnerability VCID-s95m-v2xc-ayen
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.2
aliases CVE-2021-37404, GHSA-rmpj-7c96-mrg8
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h2m-ywk8-b7dm
1
url VCID-s95m-v2xc-ayen
vulnerability_id VCID-s95m-v2xc-ayen
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath does not resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26612.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26612.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26612
reference_id
reference_type
scores
0
value 0.00189
scoring_system epss
scoring_elements 0.40683
published_at 2026-04-21T12:55:00Z
1
value 0.00189
scoring_system epss
scoring_elements 0.40575
published_at 2026-04-26T12:55:00Z
2
value 0.00189
scoring_system epss
scoring_elements 0.40587
published_at 2026-04-24T12:55:00Z
3
value 0.00189
scoring_system epss
scoring_elements 0.40771
published_at 2026-04-02T12:55:00Z
4
value 0.00189
scoring_system epss
scoring_elements 0.40799
published_at 2026-04-04T12:55:00Z
5
value 0.00189
scoring_system epss
scoring_elements 0.40724
published_at 2026-04-07T12:55:00Z
6
value 0.00189
scoring_system epss
scoring_elements 0.40774
published_at 2026-04-08T12:55:00Z
7
value 0.00189
scoring_system epss
scoring_elements 0.40781
published_at 2026-04-09T12:55:00Z
8
value 0.00189
scoring_system epss
scoring_elements 0.408
published_at 2026-04-11T12:55:00Z
9
value 0.00189
scoring_system epss
scoring_elements 0.40766
published_at 2026-04-12T12:55:00Z
10
value 0.00189
scoring_system epss
scoring_elements 0.40747
published_at 2026-04-13T12:55:00Z
11
value 0.00189
scoring_system epss
scoring_elements 0.40791
published_at 2026-04-16T12:55:00Z
12
value 0.00189
scoring_system epss
scoring_elements 0.40761
published_at 2026-04-18T12:55:00Z
13
value 0.00214
scoring_system epss
scoring_elements 0.43769
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26612
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://github.com/apache/hadoop/commits/rel/release-2.10.2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-2.10.2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
4
reference_url https://github.com/apache/hadoop/commits/rel/release-3.2.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.2.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
5
reference_url https://github.com/apache/hadoop/commits/rel/release-3.3.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.3.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
6
reference_url https://github.com/apache/hadoop/commits/rel/release-3.4.0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.4.0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
7
reference_url https://issues.apache.org/jira/browse/HADOOP-18317
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HADOOP-18317
8
reference_url https://lists.apache.org/thread/hslo7wzw2449gv1jyjk8g6ttd7935fyz
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/hslo7wzw2449gv1jyjk8g6ttd7935fyz
9
reference_url https://security.netapp.com/advisory/ntap-20220519-0004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220519-0004
10
reference_url https://security.netapp.com/advisory/ntap-20220519-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220519-0004/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073923
reference_id 2073923
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2073923
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26612
reference_id CVE-2022-26612
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26612
13
reference_url https://github.com/advisories/GHSA-gx2c-fvhc-ph4j
reference_id GHSA-gx2c-fvhc-ph4j
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx2c-fvhc-ph4j
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
1
vulnerability VCID-d4z5-7jk1-j3b7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3
1
url pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.3
purl pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a7g7-weay-bqa1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.3.3
aliases CVE-2022-26612, GHSA-gx2c-fvhc-ph4j
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s95m-v2xc-ayen
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-hdfs-native-client@3.2.3