pkg:Maven/org.apache.hadoop:hadoop-common

All known vulnerabilities

• CRITICAL9.8CVE-2022-25168Apache Hadoop argument injection vulnerability
  >= 2.0.0, < 2.10.2
• CRITICAL9.8CVE-2021-37404Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2
  >= 3.3.0, < 3.3.2
• CRITICAL9.8Path traversal in Hadoop
  >= 3.2.0, < 3.2.3
• HIGH8.8Improper Access Control in Apache Hadoop
  >= 2.6.0, < 2.6.5
• HIGH8.8Insecure Inherited Permissions in Apache Hadoop
  >= 2.0.0-alpha, < 2.7.4
• HIGH8.8Improper Privilege Management in Apache Hadoop
  >= 3.2.0, < 3.2.2
• HIGH7.5Apache Hadoop's LinuxContainerExecutor runs docker commands as root with insufficient input validation
  from 0, < 2.8.1
• MEDIUM6.5Improper Authentication in Apache Hadoop
  >= 0.23.0, < 0.23.11
• MEDIUM6.2Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
  >= 2.6.0, < 2.6.5
• MEDIUM5.5Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
  from 0, < 2.6.4
• LOW3.3Apache Hadoop: Temporary File Local Information Disclosure
  from 0, < 3.4.0
• —Improper Authentication in Apache Hadoop
  >= 2.0.0, < 2.0.6-alpha