Apache Hadoop versions prior to 2.0.6-alpha, 0.23.9, and 1.2.1 suffer from a man in the middle vulnerability.
920b4b37291877975ac89ad350cad1cbc7140726f76783a940c8e7f9a30bb34b
Apache HBase versions prior to 0.92.3 and 0.94.9 suffer from a man in the middle vulnerability.
5cbbf2fbcb303a708f88f69ffb41c24dc8538ff7d51887f0601d19e0d147af31
Apache Hadoop version 2.0.0-alpha suffers from an HDFS information disclosure vulnerability. Malicious clients may gain write access to data for which they have read-only permission, or gain read access to any data blocks whose IDs they can determine.
8ea4cabe21ecd11c0e368081bd0fd9e1d9007bdbf2e8fcaaf287c6748a7721da
Apache Hadoop suffers from a user impersonation vulnerability. Versions 0.20.203.0, 0.20.204.0, 0.20.205.0, 1.0.0 to 1.0.1, and 0.23.0 to 0.23.1 are affected.
f18d6fe1a65b53c7bf4c4fb8af009952274a8ee8ebd8a89c223cb57b2eec58b7