pkg:Maven/org.apache.hadoop:hadoop-main

All known vulnerabilities

• CRITICAL9.8CVE-2017-15718Exposure of Sensitive Information in Hadoop
  >= 2.7.3, < 2.7.5
• HIGH8.8CVE-2018-11764Authentication bypass in Apache Hadoop
  >= 3.0.0-alpha4, < 3.0.1
• HIGH8.8CVE-2018-8029Privilege escalation vulnerability in Apache Hadoop
  >= 2.2.0, < 2.8.4
• HIGH8.8Path Traversal in Hadoop
  >= 3.1.0, < 3.1.1
• HIGH8.8Arbitrary Command Execution in Hadoop
  >= 2.7.4, < 2.7.7
• HIGH7.8Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
  from 0, < 2.7.3
• HIGH7.5Hadoop symlink vulnerability
  from 0, < 1.0.4
• HIGH7.5Improper Authentication in Apache Hadoop
  >= 3.0.0-alpha2, < 3.0.1
• HIGH7.5user/group information can be corrupted across storing in fsimage and reading back from fsimage
  >= 2.2.0, < 2.8.5
• HIGH7.5Exposure of Sensitive Information to an Unauthorized Actor in Hadoop
  from 0, < 2.7.6
• HIGH7.4Improper Privilege Management in org.apache.hadoop:hadoop-main
  >= 2.7.5, < 2.7.7
• MEDIUM6.5Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
  from 0, < 2.7.5
• —Apache Hadoop allows impersonation of arbitrary cluster user accounts
  >= 0.23, < 0.23.2