Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-p5ab-z4u4-akcv

Summary Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.

Aliases

alias	CVE-2018-8009

alias	GHSA-6x48-j4x4-cqw3

Fixed_packages

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.0-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.7

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.7

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.5

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-a8xd-ukj7-tqbk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.5

url pkg:maven/org.apache.hadoop/hadoop-common@2.9.2

purl pkg:maven/org.apache.hadoop/hadoop-common@2.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-a8xd-ukj7-tqbk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.9.2

url pkg:maven/org.apache.hadoop/hadoop-common@3.1.1

purl pkg:maven/org.apache.hadoop/hadoop-common@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-a8xd-ukj7-tqbk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.1.1

url pkg:maven/org.apache.hadoop/hadoop-main@2.7.7

purl pkg:maven/org.apache.hadoop/hadoop-main@2.7.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-jxf7-btpn-xyax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.7.7

url pkg:maven/org.apache.hadoop/hadoop-main@2.8.5

purl pkg:maven/org.apache.hadoop/hadoop-main@2.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14hy-wmsv-fbeh

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-a8xd-ukj7-tqbk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.8.5

url pkg:maven/org.apache.hadoop/hadoop-main@2.9.2

purl pkg:maven/org.apache.hadoop/hadoop-main@2.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14hy-wmsv-fbeh

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-a8xd-ukj7-tqbk

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.9.2

url pkg:maven/org.apache.hadoop/hadoop-main@3.0.3

purl pkg:maven/org.apache.hadoop/hadoop-main@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-jxf7-btpn-xyax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@3.0.3

url pkg:maven/org.apache.hadoop/hadoop-main@3.1.1

purl pkg:maven/org.apache.hadoop/hadoop-main@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-jxf7-btpn-xyax

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@3.1.1

Affected_packages

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.0

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.0

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.1

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.1

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.3

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.3

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.4

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.4

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.5

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.5

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.6

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.6

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.7

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.7

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.8

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.8

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.9

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.9

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.10

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.10

url pkg:maven/org.apache.hadoop/hadoop-common@0.23.11

purl pkg:maven/org.apache.hadoop/hadoop-common@0.23.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@0.23.11

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.1-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.2-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.3-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.4-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-f7dh-1ngq-5kdz

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.5-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha

purl pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.0.6-alpha

url pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta

purl pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.1.0-beta

url pkg:maven/org.apache.hadoop/hadoop-common@2.1.1-beta

purl pkg:maven/org.apache.hadoop/hadoop-common@2.1.1-beta

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.1.1-beta

url pkg:maven/org.apache.hadoop/hadoop-common@2.2.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.2.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.3.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.3.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.4.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-179c-6pqr-dyb4

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.4.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.4.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.4.1

url pkg:maven/org.apache.hadoop/hadoop-common@2.5.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.5.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.5.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.5.1

url pkg:maven/org.apache.hadoop/hadoop-common@2.5.2

purl pkg:maven/org.apache.hadoop/hadoop-common@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.5.2

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-6ue7-puv7-wbcb

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-6ue7-puv7-wbcb

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.1

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.2

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-6ue7-puv7-wbcb

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.2

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.3

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-6ue7-puv7-wbcb

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.3

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.4

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-6ue7-puv7-wbcb

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.4

url pkg:maven/org.apache.hadoop/hadoop-common@2.6.5

purl pkg:maven/org.apache.hadoop/hadoop-common@2.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.6.5

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5a9g-vebh-67cq

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.1

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.2

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-5k2f-qcuj-7yex

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.2

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.3

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-67cn-ebsg-zbdd

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.3

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.4

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.4

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.5

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.5

url pkg:maven/org.apache.hadoop/hadoop-common@2.7.6

purl pkg:maven/org.apache.hadoop/hadoop-common@2.7.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.7.6

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-ncuc-8grw-ubep

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.1

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.2

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.2

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.3

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.3

url pkg:maven/org.apache.hadoop/hadoop-common@2.8.4

purl pkg:maven/org.apache.hadoop/hadoop-common@2.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.8.4

url pkg:maven/org.apache.hadoop/hadoop-common@2.9.0

purl pkg:maven/org.apache.hadoop/hadoop-common@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.9.0

url pkg:maven/org.apache.hadoop/hadoop-common@2.9.1

purl pkg:maven/org.apache.hadoop/hadoop-common@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@2.9.1

url pkg:maven/org.apache.hadoop/hadoop-common@3.0.0

purl pkg:maven/org.apache.hadoop/hadoop-common@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-ncuc-8grw-ubep

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.0.0

url pkg:maven/org.apache.hadoop/hadoop-common@3.0.1

purl pkg:maven/org.apache.hadoop/hadoop-common@3.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.0.1

url pkg:maven/org.apache.hadoop/hadoop-common@3.0.2

purl pkg:maven/org.apache.hadoop/hadoop-common@3.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.0.2

url pkg:maven/org.apache.hadoop/hadoop-common@3.0.3

purl pkg:maven/org.apache.hadoop/hadoop-common@3.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.0.3

url pkg:maven/org.apache.hadoop/hadoop-common@3.1.0

purl pkg:maven/org.apache.hadoop/hadoop-common@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1h2m-ywk8-b7dm

vulnerability	VCID-3fz1-e6n6-rfh6

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-common@3.1.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.8.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14hy-wmsv-fbeh

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-kt1w-97bw-r7bp

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.8.0

url pkg:maven/org.apache.hadoop/hadoop-main@2.9.0

purl pkg:maven/org.apache.hadoop/hadoop-main@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14hy-wmsv-fbeh

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-hbtn-6f44-4fa2

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@2.9.0

url pkg:maven/org.apache.hadoop/hadoop-main@3.0.0

purl pkg:maven/org.apache.hadoop/hadoop-main@3.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14hy-wmsv-fbeh

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-j858-d38m-vfhc

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-p5ab-z4u4-akcv

vulnerability	VCID-r1cq-j3tq-p3cz

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@3.0.0

url pkg:maven/org.apache.hadoop/hadoop-main@3.1.0

purl pkg:maven/org.apache.hadoop/hadoop-main@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1xbr-pekw-ukcn

vulnerability	VCID-6fnh-mjwd-9qee

vulnerability	VCID-a8xd-ukj7-tqbk

vulnerability	VCID-jxf7-btpn-xyax

vulnerability	VCID-p5ab-z4u4-akcv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-main@3.1.0

References

reference_url

https://access.redhat.com/errata/RHSA-2019:3892

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3892

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8009.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-8009

reference_id

reference_type

scores

value	0.05894
scoring_system	epss
scoring_elements	0.90656
published_at	2026-05-11T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90658
published_at	2026-05-09T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90645
published_at	2026-05-07T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90626
published_at	2026-05-05T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90613
published_at	2026-04-29T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90617
published_at	2026-04-26T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90616
published_at	2026-04-24T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90601
published_at	2026-04-21T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90604
published_at	2026-04-18T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90589
published_at	2026-04-13T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90595
published_at	2026-04-12T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90585
published_at	2026-04-09T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90579
published_at	2026-04-08T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90607
published_at	2026-04-16T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90679
published_at	2026-05-14T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90665
published_at	2026-05-12T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90567
published_at	2026-04-07T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90559
published_at	2026-04-04T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90548
published_at	2026-04-02T12:55:00Z

value	0.05894
scoring_system	epss
scoring_elements	0.90544
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-8009

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/hadoop

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop

reference_url	https://github.com/apache/hadoop/commit/11a425d11a329010d0ff8255ecbcd1eb51b642e
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/11a425d11a329010d0ff8255ecbcd1eb51b642e

reference_url

https://github.com/apache/hadoop/commit/12258c7cff8d32710fbd8b9088a930e3ce27432

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop/commit/12258c7cff8d32710fbd8b9088a930e3ce27432

reference_url	https://github.com/apache/hadoop/commit/1373e3d8ad60e4da721a292912cb69243bfdf47
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/1373e3d8ad60e4da721a292912cb69243bfdf47

reference_url

https://github.com/apache/hadoop/commit/45a1c680c276c4501402f7bc4cebcf85a6fbc7f

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop/commit/45a1c680c276c4501402f7bc4cebcf85a6fbc7f

reference_url

https://github.com/apache/hadoop/commit/65e55097da2bb3f2fbdf9ba1946da25fe58bec9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop/commit/65e55097da2bb3f2fbdf9ba1946da25fe58bec9

reference_url

https://github.com/apache/hadoop/commit/6a4ae6f6eeed1392a4828a5721fa1499f65bdde

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop/commit/6a4ae6f6eeed1392a4828a5721fa1499f65bdde

reference_url	https://github.com/apache/hadoop/commit/6d7d192e4799b51931e55217e02baec14d49607
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/6d7d192e4799b51931e55217e02baec14d49607

reference_url	https://github.com/apache/hadoop/commit/745f203e577bacb35b042206db94615141fa5e6
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/745f203e577bacb35b042206db94615141fa5e6

reference_url	https://github.com/apache/hadoop/commit/bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde

reference_url	https://github.com/apache/hadoop/commit/cedc28d4ab2a27ba47e15ab2711218d96ec88d2
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/cedc28d4ab2a27ba47e15ab2711218d96ec88d2

reference_url	https://github.com/apache/hadoop/commit/e3236a9680709de7a95ffbc11b20e1bdc95a860
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/e3236a9680709de7a95ffbc11b20e1bdc95a860

reference_url	https://github.com/apache/hadoop/commit/eaa2b8035b584dfcf7c79a33484eb2dffd3fdb1
reference_id
reference_type
scores
url	https://github.com/apache/hadoop/commit/eaa2b8035b584dfcf7c79a33484eb2dffd3fdb1

reference_url

https://github.com/apache/hadoop/commit/fc4c20fc3469674cb584a4fb98bac7e3c2277c9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hadoop/commit/fc4c20fc3469674cb584a4fb98bac7e3c2277c9

reference_url

https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop

reference_url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a1c227745ce30acbcf388c5b0cc8423e8bf495d619cd0fa973f7f38d@%3Cuser.hadoop.apache.org%3E

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a1c227745ce30acbcf388c5b0cc8423e8bf495d619cd0fa973f7f38d@%3Cuser.hadoop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r4dddf1705dbedfa94392913b2dad1cd2d1d89040facd389eea0b3510@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r4dddf1705dbedfa94392913b2dad1cd2d1d89040facd389eea0b3510@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb21df54a4e39732ce653d2aa5672e36a792b59eb6717f2a06bb8d02a@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb21df54a4e39732ce653d2aa5672e36a792b59eb6717f2a06bb8d02a@%3Ccommits.druid.apache.org%3E

reference_url

https://snyk.io/research/zip-slip-vulnerability

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/research/zip-slip-vulnerability

reference_url

http://www.securityfocus.com/bid/105927

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/105927

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1593018
reference_id	1593018
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1593018

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-8009

reference_id

CVE-2018-8009

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-8009

reference_url

https://github.com/advisories/GHSA-6x48-j4x4-cqw3

reference_id

GHSA-6x48-j4x4-cqw3

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-6x48-j4x4-cqw3

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	22
name	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description	The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 6.3 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5ab-z4u4-akcv

Vulnerability Instance