VulnerableCode Package Details - pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3

Search for packages

Package details: pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3

Essentials
History (1)

purl	pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-8jek-c6sq-tba9	Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.	CVE-2016-3086 GHSA-895m-ww55-59vw

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:27:16.756747+00:00	GithubOSV Importer	Fixing	VCID-8jek-c6sq-tba9	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-895m-ww55-59vw/GHSA-895m-ww55-59vw.json	36.1.3