4 matches found
org.apache.hadoop:hadoop-client (>=0.23.7 <=0.23.11), org.apache.hama:hama-yarn (>=0.5.0 <=0.6.2) +6 more potentially affected by CVE-2013-2192 via org.apache.hadoop:hadoop-common (>=0.23.1 <=0.23.8)
org.apache.hadoop:hadoop-common MAVEN version =0.23.1, =0.23.7, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.6.0, =0.5.0, =0.5.0, =0.8.1 Source cves: CVE-2013-2192 Source advisory: OSV:GHSA-PXV5-5VMP-3JJ4...
de.tudarmstadt.ukp.dkpro.bigdata:de.tudarmstadt.ukp.dkpro.bigdata.collocations (=0.1.0), org.apache.hadoop:hadoop-client (>=2.0.4-alpha <=2.0.5-alpha) +1 more potentially affected by CVE-2013-2192 via org.apache.hadoop:hadoop-common (>=2.0.4-alpha <=2.0.5-alpha)
org.apache.hadoop:hadoop-common MAVEN version =2.0.4-alpha, =2.0.4-alpha, =0.95.2-hadoop21, =0.95.2-hadoop23 Source cves: CVE-2013-2192 Source advisory: OSV:GHSA-PXV5-5VMP-3JJ4...
RHEL 6 : jasperreports-server-pro (RHSA-2014:0037)
An updated jasperreports-server-pro package that fixes two security issues, several bugs, and adds various enhancements is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
CVE-2013-2192
The CVE-2013-2192 issue affects Apache Hadoop RPC with Kerberos enabled, where an attacker can perform a MITM by downgrading to simple authentication, compromising confidentiality and integrity. Affected ranges are Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1. Remedia...