Vulnerabilities > Apache > Hadoop > 1.0.4

DATE CVE VULNERABILITY TITLE RISK
2022-04-07 CVE-2022-26612 Link Following vulnerability in Apache Hadoop
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes.
network
low complexity
apache CWE-59
critical
 9.8
9.8
2017-08-30 CVE-2016-5001 Information Exposure vulnerability in Apache Hadoop
This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS.
local
low complexity
apache CWE-200
5.5
5.5
2017-04-26 CVE-2017-3162 Improper Input Validation vulnerability in Apache Hadoop
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace.
network
low complexity
apache CWE-20
7.3
7.3
2017-04-26 CVE-2017-3161 Cross-site Scripting vulnerability in Apache Hadoop
The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.
network
low complexity
apache CWE-79
6.1
6.1