org.apache.hadoop:hadoop-core@1.2.0 vulnerabilities
-
latest version
1.2.1
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
11 years ago
-
licenses detected
- [0.20.2,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.hadoop:hadoop-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication. |
[,1.2.1)
|