Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-9wd5-xmya-xug6

Summary

Incorrect Permission Assignment for Critical Resource
In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.

Aliases

alias	CVE-2017-3166

alias	GHSA-99qr-9cc9-fv2x

Fixed_packages

url pkg:maven/org.apache.hadoop/hadoop-main@2.7.3

purl pkg:maven/org.apache.hadoop/hadoop-main@2.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-76cj-vggg-9bhe

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.7.3

Affected_packages

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.1

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-qwzh-r4an-rubv

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.1

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.3

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.3

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.4

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.4

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.5

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.5

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.6

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.6

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.7

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.7

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.8

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.8

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.9

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.9

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.10

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.10

url pkg:maven/org.apache.hadoop/hadoop-main@0.23.11

purl pkg:maven/org.apache.hadoop/hadoop-main@0.23.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-zjq7-gsc9-y7ep

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@0.23.11

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.0-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.0-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.0-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.1-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.1-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.1-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.2-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.2-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.2-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.3-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.3-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.3-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.4-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.4-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.4-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.5-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.5-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.5-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.0.6-alpha

purl pkg:maven/org.apache.hadoop/hadoop-main@2.0.6-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.0.6-alpha

url pkg:maven/org.apache.hadoop/hadoop-main@2.1.0-beta

purl pkg:maven/org.apache.hadoop/hadoop-main@2.1.0-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.1.0-beta

url pkg:maven/org.apache.hadoop/hadoop-main@2.1.1-beta

purl pkg:maven/org.apache.hadoop/hadoop-main@2.1.1-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.1.1-beta

url pkg:maven/org.apache.hadoop/hadoop-main@2.2.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.2.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.3.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.3.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.4.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.4.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.4.1

purl pkg:maven/org.apache.hadoop/hadoop-main@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.4.1

url pkg:maven/org.apache.hadoop/hadoop-main@2.5.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.5.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.5.1

purl pkg:maven/org.apache.hadoop/hadoop-main@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.5.1

url pkg:maven/org.apache.hadoop/hadoop-main@2.5.2

purl pkg:maven/org.apache.hadoop/hadoop-main@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.5.2

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.1

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.1

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.2

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.2

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.3

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.3

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.4

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.4

url pkg:maven/org.apache.hadoop/hadoop-main@2.6.5

purl pkg:maven/org.apache.hadoop/hadoop-main@2.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.6.5

url pkg:maven/org.apache.hadoop/hadoop-main@2.7.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.7.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.7.1

purl pkg:maven/org.apache.hadoop/hadoop-main@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.7.1

url pkg:maven/org.apache.hadoop/hadoop-main@2.7.2

purl pkg:maven/org.apache.hadoop/hadoop-main@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-9wd5-xmya-xug6

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.7.2

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3166

reference_id

reference_type

scores

value	0.00214
scoring_system	epss
scoring_elements	0.43691
published_at	2026-05-12T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43898
published_at	2026-04-13T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.4396
published_at	2026-04-16T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43951
published_at	2026-04-18T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43883
published_at	2026-04-21T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43834
published_at	2026-04-24T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43837
published_at	2026-04-26T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43757
published_at	2026-05-14T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43631
published_at	2026-05-05T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43706
published_at	2026-05-07T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43724
published_at	2026-05-09T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43661
published_at	2026-05-11T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43879
published_at	2026-04-01T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43923
published_at	2026-04-02T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43946
published_at	2026-04-11T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43875
published_at	2026-04-07T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43926
published_at	2026-04-08T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43928
published_at	2026-04-09T12:55:00Z

value	0.00214
scoring_system	epss
scoring_elements	0.43913
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3166

reference_url

https://lists.apache.org/thread.html/2e16689b44bdd1976b6368c143a4017fc7159d1f2d02a5d54fe9310f@%3Cgeneral.hadoop.apache.org%3E

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2e16689b44bdd1976b6368c143a4017fc7159d1f2d02a5d54fe9310f@%3Cgeneral.hadoop.apache.org%3E

reference_url	https://lists.apache.org/thread.html/2e16689b44bdd1976b6368c143a4017fc7159d1f2d02a5d54fe9310f%40%3Cgeneral.hadoop.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/2e16689b44bdd1976b6368c143a4017fc7159d1f2d02a5d54fe9310f%40%3Cgeneral.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E

reference_url	https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.1:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.2:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.3:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.4:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.5:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.0:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.1:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.2:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.3:::::::*
reference_id	cpe:2.3:a:apache:hadoop:2.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:3.0.0:alpha1::::::
reference_id	cpe:2.3:a:apache:hadoop:3.0.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:3.0.0:alpha1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-3166

reference_id

CVE-2017-3166

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-3166

reference_url

https://github.com/advisories/GHSA-99qr-9cc9-fv2x

reference_id

GHSA-99qr-9cc9-fv2x

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-99qr-9cc9-fv2x

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	732
name	Incorrect Permission Assignment for Critical Resource
description	The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 4.0 - 7.8

Exploitability 0.5

Weighted_severity 7.0

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wd5-xmya-xug6

Vulnerability Instance