Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha
Typemaven
Namespaceorg.apache.hadoop
Namehadoop-client
Version2.0.0-alpha
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.0
Latest_non_vulnerable_version2.7.0
Affected_by_vulnerabilities
0
url VCID-1jer-fvap-a3et
vulnerability_id VCID-1jer-fvap-a3et
summary 
Improper Input Validation
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3162
reference_id
reference_type
scores
0
value 0.01938
scoring_system epss
scoring_elements 0.83424
published_at 2026-04-11T12:55:00Z
1
value 0.01938
scoring_system epss
scoring_elements 0.83484
published_at 2026-04-29T12:55:00Z
2
value 0.01938
scoring_system epss
scoring_elements 0.83414
published_at 2026-04-13T12:55:00Z
3
value 0.01938
scoring_system epss
scoring_elements 0.8336
published_at 2026-04-02T12:55:00Z
4
value 0.01938
scoring_system epss
scoring_elements 0.83375
published_at 2026-04-07T12:55:00Z
5
value 0.01938
scoring_system epss
scoring_elements 0.83399
published_at 2026-04-08T12:55:00Z
6
value 0.01938
scoring_system epss
scoring_elements 0.83409
published_at 2026-04-09T12:55:00Z
7
value 0.01938
scoring_system epss
scoring_elements 0.83419
published_at 2026-04-12T12:55:00Z
8
value 0.01938
scoring_system epss
scoring_elements 0.83481
published_at 2026-04-26T12:55:00Z
9
value 0.01938
scoring_system epss
scoring_elements 0.83474
published_at 2026-04-24T12:55:00Z
10
value 0.01938
scoring_system epss
scoring_elements 0.83451
published_at 2026-04-21T12:55:00Z
11
value 0.01938
scoring_system epss
scoring_elements 0.83449
published_at 2026-04-16T12:55:00Z
12
value 0.01938
scoring_system epss
scoring_elements 0.83346
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3162
1
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
5
reference_url https://s.apache.org/k2ss
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://s.apache.org/k2ss
6
reference_url http://www.securityfocus.com/bid/98017
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98017
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3162
reference_id CVE-2017-3162
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3162
9
reference_url https://github.com/advisories/GHSA-pr9x-qmp5-j3rr
reference_id GHSA-pr9x-qmp5-j3rr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pr9x-qmp5-j3rr
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
aliases CVE-2017-3162, GHSA-pr9x-qmp5-j3rr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jer-fvap-a3et
1
url VCID-6x8y-ffja-k3cw
vulnerability_id VCID-6x8y-ffja-k3cw
summary 
Client BlockTokens not checked in Apache Hadoop
DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
references
0
reference_url http://archives.neohapsis.com/archives/bugtraq/2012-07/0049.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/bugtraq/2012-07/0049.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3376
reference_id
reference_type
scores
0
value 0.00962
scoring_system epss
scoring_elements 0.76543
published_at 2026-04-18T12:55:00Z
1
value 0.00962
scoring_system epss
scoring_elements 0.76565
published_at 2026-04-24T12:55:00Z
2
value 0.00962
scoring_system epss
scoring_elements 0.7657
published_at 2026-04-26T12:55:00Z
3
value 0.00962
scoring_system epss
scoring_elements 0.76532
published_at 2026-04-21T12:55:00Z
4
value 0.00962
scoring_system epss
scoring_elements 0.7654
published_at 2026-04-16T12:55:00Z
5
value 0.00962
scoring_system epss
scoring_elements 0.76583
published_at 2026-04-29T12:55:00Z
6
value 0.01302
scoring_system epss
scoring_elements 0.79741
published_at 2026-04-12T12:55:00Z
7
value 0.01302
scoring_system epss
scoring_elements 0.79728
published_at 2026-04-08T12:55:00Z
8
value 0.01302
scoring_system epss
scoring_elements 0.79686
published_at 2026-04-01T12:55:00Z
9
value 0.01302
scoring_system epss
scoring_elements 0.79693
published_at 2026-04-02T12:55:00Z
10
value 0.01302
scoring_system epss
scoring_elements 0.79714
published_at 2026-04-04T12:55:00Z
11
value 0.01302
scoring_system epss
scoring_elements 0.797
published_at 2026-04-07T12:55:00Z
12
value 0.01302
scoring_system epss
scoring_elements 0.79735
published_at 2026-04-13T12:55:00Z
13
value 0.01302
scoring_system epss
scoring_elements 0.79757
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3376
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3376
4
reference_url https://seclists.org/fulldisclosure/2012/Jul/78
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2012/Jul/78
5
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
6
reference_url https://github.com/advisories/GHSA-qmh2-h7r6-gm6q
reference_id GHSA-qmh2-h7r6-gm6q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qmh2-h7r6-gm6q
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
aliases CVE-2012-3376, GHSA-qmh2-h7r6-gm6q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6x8y-ffja-k3cw
2
url VCID-teju-geqm-j7cy
vulnerability_id VCID-teju-geqm-j7cy
summary 
Cross-site Scripting
The HDFS web UI in Apache Hadoop is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3161
reference_id
reference_type
scores
0
value 0.058
scoring_system epss
scoring_elements 0.90484
published_at 2026-04-04T12:55:00Z
1
value 0.058
scoring_system epss
scoring_elements 0.90537
published_at 2026-04-29T12:55:00Z
2
value 0.058
scoring_system epss
scoring_elements 0.9054
published_at 2026-04-26T12:55:00Z
3
value 0.058
scoring_system epss
scoring_elements 0.90508
published_at 2026-04-09T12:55:00Z
4
value 0.058
scoring_system epss
scoring_elements 0.90502
published_at 2026-04-08T12:55:00Z
5
value 0.058
scoring_system epss
scoring_elements 0.90473
published_at 2026-04-02T12:55:00Z
6
value 0.058
scoring_system epss
scoring_elements 0.9049
published_at 2026-04-07T12:55:00Z
7
value 0.058
scoring_system epss
scoring_elements 0.90526
published_at 2026-04-21T12:55:00Z
8
value 0.058
scoring_system epss
scoring_elements 0.90528
published_at 2026-04-18T12:55:00Z
9
value 0.058
scoring_system epss
scoring_elements 0.9051
published_at 2026-04-13T12:55:00Z
10
value 0.058
scoring_system epss
scoring_elements 0.90517
published_at 2026-04-12T12:55:00Z
11
value 0.058
scoring_system epss
scoring_elements 0.90469
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3161
1
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b@%3Cuser.hadoop.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r127f75748fcabc63bc5a1bec6885753eb9b2bed803b6ed7bd46f965b%40%3Cuser.hadoop.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a@%3Cuser.flink.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r66de86b9a608c1da70b2d27d765c11ec88edf6e5dd6f379ab33e072a%40%3Cuser.flink.apache.org%3E
5
reference_url https://s.apache.org/4MQm
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://s.apache.org/4MQm
6
reference_url http://www.securityfocus.com/bid/98025
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98025
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3161
reference_id CVE-2017-3161
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3161
9
reference_url https://github.com/advisories/GHSA-qm7f-r83w-3p46
reference_id GHSA-qm7f-r83w-3p46
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qm7f-r83w-3p46
fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.7.0
aliases CVE-2017-3161, GHSA-qm7f-r83w-3p46
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-teju-geqm-j7cy
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha