Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-s1ru-ts2c-ubf5
Summary
Improper Link Resolution Before File Access in Apache Hadoop
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Aliases
0
alias CVE-2014-3627
1
alias GHSA-jpmf-8cj2-595g
Fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@1.0.1
purl pkg:maven/org.apache.hadoop/hadoop-client@1.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@1.0.1
1
url pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
purl pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.5.2
Affected_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.0
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-s1ru-ts2c-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.0
1
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.1
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.1
2
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.3
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.3
3
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.4
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.4
4
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.5
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.5
5
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.6
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.6
6
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.7
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.7
7
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.8
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.8
8
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.9
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.9
9
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.10
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.10
10
url pkg:maven/org.apache.hadoop/hadoop-client@0.23.11
purl pkg:maven/org.apache.hadoop/hadoop-client@0.23.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@0.23.11
11
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-417a-z2w6-s3bq
1
vulnerability VCID-s1ru-ts2c-ubf5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.0
12
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
13
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.2-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.2-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.2-alpha
14
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.3-alpha
15
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.4-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.4-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.4-alpha
16
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.5-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.5-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.5-alpha
17
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.6-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.6-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.6-alpha
18
url pkg:maven/org.apache.hadoop/hadoop-client@2.1.0-beta
purl pkg:maven/org.apache.hadoop/hadoop-client@2.1.0-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.1.0-beta
19
url pkg:maven/org.apache.hadoop/hadoop-client@2.1.1-beta
purl pkg:maven/org.apache.hadoop/hadoop-client@2.1.1-beta
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.1.1-beta
20
url pkg:maven/org.apache.hadoop/hadoop-client@2.2.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.2.0
21
url pkg:maven/org.apache.hadoop/hadoop-client@2.3.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.3.0
22
url pkg:maven/org.apache.hadoop/hadoop-client@2.4.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.4.0
23
url pkg:maven/org.apache.hadoop/hadoop-client@2.4.1
purl pkg:maven/org.apache.hadoop/hadoop-client@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.4.1
24
url pkg:maven/org.apache.hadoop/hadoop-client@2.5.0
purl pkg:maven/org.apache.hadoop/hadoop-client@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.5.0
25
url pkg:maven/org.apache.hadoop/hadoop-client@2.5.1
purl pkg:maven/org.apache.hadoop/hadoop-client@2.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-s1ru-ts2c-ubf5
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.5.1
References
0
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug%40mail.gmail.com%3E
1
reference_url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug@mail.gmail.com%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/hadoop-general/201411.mbox/%3CCALwhT97dOi04aC3VbekaB+zn2UAS_OZV2EAiP78GmjnMzfp2Ug@mail.gmail.com%3E
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3627.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3627.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3627
reference_id
reference_type
scores
0
value 0.01616
scoring_system epss
scoring_elements 0.81732
published_at 2026-04-01T12:55:00Z
1
value 0.01616
scoring_system epss
scoring_elements 0.82005
published_at 2026-05-15T12:55:00Z
2
value 0.01616
scoring_system epss
scoring_elements 0.81938
published_at 2026-05-11T12:55:00Z
3
value 0.01616
scoring_system epss
scoring_elements 0.81955
published_at 2026-05-12T12:55:00Z
4
value 0.01616
scoring_system epss
scoring_elements 0.81997
published_at 2026-05-14T12:55:00Z
5
value 0.01616
scoring_system epss
scoring_elements 0.81742
published_at 2026-04-02T12:55:00Z
6
value 0.01616
scoring_system epss
scoring_elements 0.81765
published_at 2026-04-04T12:55:00Z
7
value 0.01616
scoring_system epss
scoring_elements 0.81763
published_at 2026-04-07T12:55:00Z
8
value 0.01616
scoring_system epss
scoring_elements 0.8179
published_at 2026-04-08T12:55:00Z
9
value 0.01616
scoring_system epss
scoring_elements 0.81796
published_at 2026-04-09T12:55:00Z
10
value 0.01616
scoring_system epss
scoring_elements 0.81815
published_at 2026-04-11T12:55:00Z
11
value 0.01616
scoring_system epss
scoring_elements 0.81803
published_at 2026-04-12T12:55:00Z
12
value 0.01616
scoring_system epss
scoring_elements 0.81798
published_at 2026-04-13T12:55:00Z
13
value 0.01616
scoring_system epss
scoring_elements 0.81835
published_at 2026-04-18T12:55:00Z
14
value 0.01616
scoring_system epss
scoring_elements 0.81838
published_at 2026-04-21T12:55:00Z
15
value 0.01616
scoring_system epss
scoring_elements 0.81862
published_at 2026-04-24T12:55:00Z
16
value 0.01616
scoring_system epss
scoring_elements 0.81872
published_at 2026-04-26T12:55:00Z
17
value 0.01616
scoring_system epss
scoring_elements 0.81877
published_at 2026-04-29T12:55:00Z
18
value 0.01616
scoring_system epss
scoring_elements 0.81895
published_at 2026-05-05T12:55:00Z
19
value 0.01616
scoring_system epss
scoring_elements 0.81915
published_at 2026-05-07T12:55:00Z
20
value 0.01616
scoring_system epss
scoring_elements 0.81941
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3627
4
reference_url http://secunia.com/advisories/60079
reference_id
reference_type
scores
url http://secunia.com/advisories/60079
5
reference_url http://secunia.com/advisories/60432
reference_id
reference_type
scores
url http://secunia.com/advisories/60432
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3627
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3627
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1170479
reference_id 1170479
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1170479
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.1:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.10:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.11:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.3:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.4:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.6:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.7:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.8:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:0.23.9:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.1:alpha:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.2:alpha:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.3:alpha:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.4:alpha:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.5:alpha:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.0.6:alpha:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.0:beta:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.1.1:beta:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.2.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.3.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.4.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:hadoop:2.5.1:*:*:*:*:*:*:*
34
reference_url https://github.com/advisories/GHSA-jpmf-8cj2-595g
reference_id GHSA-jpmf-8cj2-595g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpmf-8cj2-595g
Weaknesses
0
cwe_id 59
name Improper Link Resolution Before File Access ('Link Following')
description The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-s1ru-ts2c-ubf5