VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-main@3.0.0-beta1

Search for packages

Package details: pkg:maven/org.apache.hadoop/hadoop-main@3.0.0-beta1

Essentials
History (1)

purl	pkg:maven/org.apache.hadoop/hadoop-main@3.0.0-beta1

Next non-vulnerable version	0.23.2
Latest non-vulnerable version	3.1.1
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-kp2v-mhqm-kuf9 Aliases: CVE-2018-11764 GHSA-4fh8-pm7g-pmxq	Authentication bypass in Apache Hadoop Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured.	3.0.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:24:34.781329+00:00	GithubOSV Importer	Affected by	VCID-kp2v-mhqm-kuf9	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-4fh8-pm7g-pmxq/GHSA-4fh8-pm7g-pmxq.json	36.1.3