Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6x8y-ffja-k3cw
Summary
Client BlockTokens not checked in Apache Hadoop
DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
Aliases
0
alias CVE-2012-3376
1
alias GHSA-qmh2-h7r6-gm6q
Fixed_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-417a-z2w6-s3bq
2
vulnerability VCID-s1ru-ts2c-ubf5
3
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha
Affected_packages
0
url pkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha
purl pkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1jer-fvap-a3et
1
vulnerability VCID-6x8y-ffja-k3cw
2
vulnerability VCID-teju-geqm-j7cy
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hadoop/hadoop-client@2.0.0-alpha
References
0
reference_url http://archives.neohapsis.com/archives/bugtraq/2012-07/0049.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/bugtraq/2012-07/0049.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3376
reference_id
reference_type
scores
0
value 0.00962
scoring_system epss
scoring_elements 0.76601
published_at 2026-05-07T12:55:00Z
1
value 0.00962
scoring_system epss
scoring_elements 0.7654
published_at 2026-04-16T12:55:00Z
2
value 0.00962
scoring_system epss
scoring_elements 0.76543
published_at 2026-04-18T12:55:00Z
3
value 0.00962
scoring_system epss
scoring_elements 0.76532
published_at 2026-04-21T12:55:00Z
4
value 0.00962
scoring_system epss
scoring_elements 0.76565
published_at 2026-04-24T12:55:00Z
5
value 0.00962
scoring_system epss
scoring_elements 0.7657
published_at 2026-04-26T12:55:00Z
6
value 0.00962
scoring_system epss
scoring_elements 0.76583
published_at 2026-04-29T12:55:00Z
7
value 0.00962
scoring_system epss
scoring_elements 0.76618
published_at 2026-05-09T12:55:00Z
8
value 0.00962
scoring_system epss
scoring_elements 0.76624
published_at 2026-05-12T12:55:00Z
9
value 0.00962
scoring_system epss
scoring_elements 0.76571
published_at 2026-05-05T12:55:00Z
10
value 0.00962
scoring_system epss
scoring_elements 0.76605
published_at 2026-05-11T12:55:00Z
11
value 0.01302
scoring_system epss
scoring_elements 0.79757
published_at 2026-04-11T12:55:00Z
12
value 0.01302
scoring_system epss
scoring_elements 0.79686
published_at 2026-04-01T12:55:00Z
13
value 0.01302
scoring_system epss
scoring_elements 0.79693
published_at 2026-04-02T12:55:00Z
14
value 0.01302
scoring_system epss
scoring_elements 0.79714
published_at 2026-04-04T12:55:00Z
15
value 0.01302
scoring_system epss
scoring_elements 0.797
published_at 2026-04-07T12:55:00Z
16
value 0.01302
scoring_system epss
scoring_elements 0.79728
published_at 2026-04-08T12:55:00Z
17
value 0.01302
scoring_system epss
scoring_elements 0.79735
published_at 2026-04-13T12:55:00Z
18
value 0.01302
scoring_system epss
scoring_elements 0.79741
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3376
2
reference_url https://github.com/apache/hadoop
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hadoop
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3376
4
reference_url https://seclists.org/fulldisclosure/2012/Jul/78
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2012/Jul/78
5
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
6
reference_url https://github.com/advisories/GHSA-qmh2-h7r6-gm6q
reference_id GHSA-qmh2-h7r6-gm6q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qmh2-h7r6-gm6q
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 310
name Cryptographic Issues
description Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6x8y-ffja-k3cw