Search for packages
Package details: pkg:maven/org.apache.hadoop/hadoop-main@0.23
purl pkg:maven/org.apache.hadoop/hadoop-main@0.23
Next non-vulnerable version 0.23.2
Latest non-vulnerable version 3.3.5
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-xx1y-etyu-zfhv
Aliases:
CVE-2012-1574
GHSA-c6f9-4pmv-m7m6
Apache Hadoop allows impersonation of arbitrary cluster user accounts The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
0.23.2
Affected by 0 other vulnerabilities.
0.23.3
Affected by 5 other vulnerabilities.
1.0.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-01T18:13:47.596801+00:00 GitLab Importer Affected by VCID-xx1y-etyu-zfhv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.hadoop/hadoop-main/CVE-2012-1574.yml 36.1.3