Filter
Versions
3.0.0
10
2.0.0-alpha
8
2.9.0
8
3.0.0-alpha1
8
3.0.0-alpha2
8
2.2.0
7
3.0.0-alpha4
7
0.23.0
6
2.0.1-alpha
6
2.0.2-alpha
6
3.0.0-alpha3
6
3.0.0-beta1
6
2.0.3-alpha
5
2.0.4-alpha
5
2.0.5-alpha
5
2.6.3
5
2.7.0
5
0.23.1
4
0.23.3
4
2.0.0
4
2.0.6-alpha
4
2.1.0-beta
4
2.1.1-beta
4
2.6.1
4
2.6.2
4
2.6.4
4
2.7.1
4
2.8.0
4
2.8.4
4
2.9.1
4
3.3.0
4
0.23.11
3
0.23.4
3
0.23.5
3
0.23.6
3
0.23.7
3
0.23.8
3
1.0.0
3
1.0.1
3
1.0.3
3
2.4.0
3
2.5.0
3
2.6.0
3
2.6.5
3
2.7.2
3
2.7.3
3
2.7.6
3
3.0.1
3
3.1.0
3
0.23.10
2
0.23.9
2
1.0.2
2
1.1.1
2
2.3.0
2
2.7.4
2
2.7.5
2
2.8.2
2
2.8.3
2
3.2.0
2
3.2.1
2
3.3.1
2
3.3.2
2
0.20.203.0
1
0.20.204.0
1
0.20.205.0
1
1.0.4
1
1.1.0
1
1.1.2
1
1.2.0
1
2.0.1
1
2.0.2
1
2.0.3
1
2.0.4
1
2.0.5
1
2.0.6
1
2.1.0
1
2.10.0
1
2.10.1
1
2.4.1
1
2.5.1
1
2.8.1
1
2.8.5
1
2.9.2
1
3.0.2
1
3.0.3
1
3.1.1
1
3.1.3
1
3.1.4
1
3.2.3
1
3.3.4
1
Oracle PeopleSoft Enterprise PeopleToolsConnect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, wh…
9.8
First published (updated )
Apache HadoopApache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a…
9.8
First published (updated )
Apache HadoopThe YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store pro…
9.8
First published (updated )
Apache HadoopHeap buffer overflow in libhdfs native library
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HadoopCommand injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar
9.8
First published (updated )
Apache HadoopArbitrary file write in FileUtil#unpackEntries on Windows
9.8
First published (updated )
Apache HadoopIn Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can es…
First published (updated )
Apache HadoopIn Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary c…
First published (updated )
Apache HadoopWeb endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. A…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HadoopIn Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can …
First published (updated )
Apache HadoopApache Hadoop Privilege escalation vulnerability
First published (updated )
redhat/hadoopIn Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client mi…
8.8
First published (updated )
Apache HadoopIn Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with …
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HadoopApache Hadoop YARN remote code execution in ZKConfigurationStore of capacity scheduler
8.8
First published (updated )
Apache HadoopThe Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General …
8.4
First published (updated )
Apache HadoopIn Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encrypti…
7.8
First published (updated )
Apache HadoopDataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is en…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HadoopIn Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can acces…
7.5
First published (updated )
maven/org.apache.hadoop:hadoop-yarn-projectPrivilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HadoopHadoop 1.0.3 contains a symlink vulnerability.
7.5
First published (updated )
Apache HadoopIn Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting acce…
7.4
First published (updated )
Apache HadoopApache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2…
6.5
First published (updated )
Apache HadoopThe Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.