Vulnerabilities > Apache > Hadoop > 0.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-07 | CVE-2022-26612 | Link Following vulnerability in Apache Hadoop In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. | 9.8 |
| 2017-10-30 | CVE-2012-4449 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apache Hadoop Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack. | 9.8 |
| 2017-08-30 | CVE-2016-5001 | Information Exposure vulnerability in Apache Hadoop This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. | 5.5 |
| 2017-04-26 | CVE-2017-3162 | Improper Input Validation vulnerability in Apache Hadoop HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. | 7.3 |
| 2017-04-26 | CVE-2017-3161 | Cross-site Scripting vulnerability in Apache Hadoop The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter. | 6.1 |