VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-common@3.3.2

Search for packages

Package details: pkg:maven/org.apache.hadoop/hadoop-common@3.3.2

Essentials
History (1)

purl	pkg:maven/org.apache.hadoop/hadoop-common@3.3.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-rvg8-cbnc-q3bc	Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2 There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.	CVE-2021-37404 GHSA-rmpj-7c96-mrg8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:25:38.759057+00:00	GithubOSV Importer	Fixing	VCID-rvg8-cbnc-q3bc	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-rmpj-7c96-mrg8/GHSA-rmpj-7c96-mrg8.json	36.1.3