Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hadoop/hadoop-common@3.3.3
Typemaven
Namespaceorg.apache.hadoop
Namehadoop-common
Version3.3.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.4.0
Latest_non_vulnerable_version3.4.0
Affected_by_vulnerabilities
0
url VCID-3fz1-e6n6-rfh6
vulnerability_id VCID-3fz1-e6n6-rfh6
summary 
Apache Hadoop: Temporary File Local Information Disclosure
Apache Hadoop’s `RunJar.run()` does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. This is because, on unix-like systems, the system temporary directory is shared between all local users. As such, files written in this directory, without setting the correct posix permissions explicitly, may be viewable by all other local users.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-23454
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.28393
published_at 2026-04-09T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.27953
published_at 2026-04-29T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28031
published_at 2026-04-26T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.28144
published_at 2026-04-24T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.28239
published_at 2026-04-21T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.28285
published_at 2026-04-18T12:55:00Z
6
value 0.00104
scoring_system epss
scoring_elements 0.28306
published_at 2026-04-16T12:55:00Z
7
value 0.00104
scoring_system epss
scoring_elements 0.28295
published_at 2026-04-13T12:55:00Z
8
value 0.00104
scoring_system epss
scoring_elements 0.28353
published_at 2026-04-12T12:55:00Z
9
value 0.00104
scoring_system epss
scoring_elements 0.2845
published_at 2026-04-02T12:55:00Z
10
value 0.00104
scoring_system epss
scoring_elements 0.28493
published_at 2026-04-04T12:55:00Z
11
value 0.00104
scoring_system epss
scoring_elements 0.28284
published_at 2026-04-07T12:55:00Z
12
value 0.00104
scoring_system epss
scoring_elements 0.2835
published_at 2026-04-08T12:55:00Z
13
value 0.00104
scoring_system epss
scoring_elements 0.28396
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-23454
1
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
2
reference_url https://github.com/apache/hadoop/commit/8c2836402fbb2f619f1fef4ef625a8542e853a64
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/8c2836402fbb2f619f1fef4ef625a8542e853a64
3
reference_url https://issues.apache.org/jira/browse/HADOOP-19031
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T15:19:22Z/
url https://issues.apache.org/jira/browse/HADOOP-19031
4
reference_url https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T15:19:22Z/
url https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-23454
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-23454
6
reference_url https://security.netapp.com/advisory/ntap-20241101-0002
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241101-0002
7
reference_url http://www.openwall.com/lists/oss-security/2024/09/25/1
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 2.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/09/25/1
8
reference_url https://github.com/advisories/GHSA-f5fw-25gw-5m92
reference_id GHSA-f5fw-25gw-5m92
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f5fw-25gw-5m92
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
purl pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.4.0
aliases CVE-2024-23454, GHSA-f5fw-25gw-5m92
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fz1-e6n6-rfh6
Fixing_vulnerabilities
0
url VCID-a8xd-ukj7-tqbk
vulnerability_id VCID-a8xd-ukj7-tqbk
summary 
Apache Hadoop argument injection vulnerability
Apache Hadoop's `FileUtil.unTar(File, File)` API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25168.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25168.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25168
reference_id
reference_type
scores
0
value 0.03008
scoring_system epss
scoring_elements 0.86623
published_at 2026-04-29T12:55:00Z
1
value 0.03008
scoring_system epss
scoring_elements 0.86553
published_at 2026-04-07T12:55:00Z
2
value 0.03008
scoring_system epss
scoring_elements 0.86572
published_at 2026-04-08T12:55:00Z
3
value 0.03008
scoring_system epss
scoring_elements 0.86582
published_at 2026-04-09T12:55:00Z
4
value 0.03008
scoring_system epss
scoring_elements 0.86597
published_at 2026-04-11T12:55:00Z
5
value 0.03008
scoring_system epss
scoring_elements 0.86594
published_at 2026-04-12T12:55:00Z
6
value 0.03008
scoring_system epss
scoring_elements 0.86586
published_at 2026-04-13T12:55:00Z
7
value 0.03008
scoring_system epss
scoring_elements 0.86601
published_at 2026-04-16T12:55:00Z
8
value 0.03008
scoring_system epss
scoring_elements 0.86606
published_at 2026-04-18T12:55:00Z
9
value 0.03008
scoring_system epss
scoring_elements 0.86598
published_at 2026-04-21T12:55:00Z
10
value 0.03008
scoring_system epss
scoring_elements 0.86616
published_at 2026-04-24T12:55:00Z
11
value 0.03008
scoring_system epss
scoring_elements 0.86625
published_at 2026-04-26T12:55:00Z
12
value 0.03008
scoring_system epss
scoring_elements 0.86535
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25168
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://github.com/apache/hadoop/commit/cae749b076f35f0be13a926ee8cfbb7ce4402746
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commit/cae749b076f35f0be13a926ee8cfbb7ce4402746
4
reference_url https://lists.apache.org/thread/mxqnb39jfrwgs3j6phwvlrfq4mlox130
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/mxqnb39jfrwgs3j6phwvlrfq4mlox130
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25168
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25168
6
reference_url https://security.netapp.com/advisory/ntap-20220915-0007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0007
7
reference_url https://security.netapp.com/advisory/ntap-20220915-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220915-0007/
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119084
reference_id 2119084
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119084
9
reference_url https://github.com/advisories/GHSA-8wm5-8h9c-47pc
reference_id GHSA-8wm5-8h9c-47pc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8wm5-8h9c-47pc
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
purl pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
1
url pkg:maven/org.apache.hadoop/hadoop-common@3.2.4
purl pkg:maven/org.apache.hadoop/hadoop-common@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.2.4
2
url pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
purl pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
aliases CVE-2022-25168, GHSA-8wm5-8h9c-47pc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8xd-ukj7-tqbk
1
url VCID-s95m-v2xc-ayen
vulnerability_id VCID-s95m-v2xc-ayen
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath does not resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26612.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26612.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26612
reference_id
reference_type
scores
0
value 0.00189
scoring_system epss
scoring_elements 0.40683
published_at 2026-04-21T12:55:00Z
1
value 0.00189
scoring_system epss
scoring_elements 0.40575
published_at 2026-04-26T12:55:00Z
2
value 0.00189
scoring_system epss
scoring_elements 0.40587
published_at 2026-04-24T12:55:00Z
3
value 0.00189
scoring_system epss
scoring_elements 0.40771
published_at 2026-04-02T12:55:00Z
4
value 0.00189
scoring_system epss
scoring_elements 0.40799
published_at 2026-04-04T12:55:00Z
5
value 0.00189
scoring_system epss
scoring_elements 0.40724
published_at 2026-04-07T12:55:00Z
6
value 0.00189
scoring_system epss
scoring_elements 0.40774
published_at 2026-04-08T12:55:00Z
7
value 0.00189
scoring_system epss
scoring_elements 0.40781
published_at 2026-04-09T12:55:00Z
8
value 0.00189
scoring_system epss
scoring_elements 0.408
published_at 2026-04-11T12:55:00Z
9
value 0.00189
scoring_system epss
scoring_elements 0.40766
published_at 2026-04-12T12:55:00Z
10
value 0.00189
scoring_system epss
scoring_elements 0.40747
published_at 2026-04-13T12:55:00Z
11
value 0.00189
scoring_system epss
scoring_elements 0.40791
published_at 2026-04-16T12:55:00Z
12
value 0.00189
scoring_system epss
scoring_elements 0.40761
published_at 2026-04-18T12:55:00Z
13
value 0.00214
scoring_system epss
scoring_elements 0.43769
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26612
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://github.com/apache/hadoop/commits/rel/release-2.10.2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-2.10.2/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
4
reference_url https://github.com/apache/hadoop/commits/rel/release-3.2.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.2.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
5
reference_url https://github.com/apache/hadoop/commits/rel/release-3.3.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.3.3/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
6
reference_url https://github.com/apache/hadoop/commits/rel/release-3.4.0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop/commits/rel/release-3.4.0/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileUtil.java
7
reference_url https://issues.apache.org/jira/browse/HADOOP-18317
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HADOOP-18317
8
reference_url https://lists.apache.org/thread/hslo7wzw2449gv1jyjk8g6ttd7935fyz
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/hslo7wzw2449gv1jyjk8g6ttd7935fyz
9
reference_url https://security.netapp.com/advisory/ntap-20220519-0004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220519-0004
10
reference_url https://security.netapp.com/advisory/ntap-20220519-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220519-0004/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073923
reference_id 2073923
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2073923
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-26612
reference_id CVE-2022-26612
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-26612
13
reference_url https://github.com/advisories/GHSA-gx2c-fvhc-ph4j
reference_id GHSA-gx2c-fvhc-ph4j
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gx2c-fvhc-ph4j
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
purl pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.10.2
1
url pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
purl pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
1
vulnerability VCID-a8xd-ukj7-tqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.2.3
2
url pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
purl pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3fz1-e6n6-rfh6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.3.3
aliases CVE-2022-26612, GHSA-gx2c-fvhc-ph4j
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s95m-v2xc-ayen
Risk_score2.8
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.3.3