VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha

Search for packages

Package details: pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha

Essentials
History (1)

purl	pkg:maven/org.apache.hadoop/hadoop-client@2.0.1-alpha

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-qmd4-j2gq-qqeb	Client BlockTokens not checked in Apache Hadoop DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.	CVE-2012-3376 GHSA-qmh2-h7r6-gm6q

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:28:46.029467+00:00	GithubOSV Importer	Fixing	VCID-qmd4-j2gq-qqeb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qmh2-h7r6-gm6q/GHSA-qmh2-h7r6-gm6q.json	36.1.3