VYPR

Maven package

org.apache.hbase/hbase

pkg:maven/org.apache.hbase/hbase

Vulnerabilities (2)

  • CVE-2019-0212Mar 28, 2019
    affected >= 2.0.0, < 2.0.5fixed 2.0.5

    In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Requests sent to the HBase REST server were executed with the permissions of the REST server itself, not with the permissions

  • CVE-2015-1836HigDec 21, 2015
    affected >= 0.98, < 0.98.12.1fixed 0.98.12.1

    Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (da