Filter

maven/org.apache.hadoop:hadoop-yarn-projectPrivilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems

7.5
First published (updated )

Apache HadoopApache Hadoop YARN remote code execution in ZKConfigurationStore of capacity scheduler

8.8
First published (updated )

Apache HadoopCommand injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar

First published (updated )

Apache HadoopApache Hadoop Privilege escalation vulnerability

First published (updated )

Apache HadoopHeap buffer overflow in libhdfs native library

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HadoopArbitrary file write in FileUtil#unpackEntries on Windows

First published (updated )

redhat/hadoopIn Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client mi…

8.8
First published (updated )

Apache HadoopWeb endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. A…

First published (updated )

Apache HadoopIn Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can acces…

7.5
First published (updated )

Apache HadoopHadoop 1.0.3 contains a symlink vulnerability.

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle PeopleSoft Enterprise PeopleToolsConnect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, wh…

First published (updated )

Apache HadoopBuffer Overflow

7.5
First published (updated )

Apache HadoopIn Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can …

First published (updated )

Apache HadoopIn Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting acce…

7.4
First published (updated )

Apache HadoopInfoleak

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HadoopIn Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can es…

First published (updated )

Apache HadoopPath Traversal

8.8
First published (updated )

Apache HadoopThe YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store pro…

First published (updated )

Apache HadoopInfoleak

First published (updated )

Apache HadoopIn Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encrypti…

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HadoopApache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a…

First published (updated )

Apache HadoopInfoleak

First published (updated )

Apache HadoopInput Validation

8.5
First published (updated )

Apache HadoopInput Validation

7.5
First published (updated )

Apache HadoopXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HadoopIn Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary c…

First published (updated )

Apache HadoopApache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2…

First published (updated )

Apache HadoopInfoleak

First published (updated )

Apache HadoopIn Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with …

8.8
First published (updated )

Apache HadoopInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203