History: Jun 13, 2022 - 7:00 a.m.

CVE-2021-37404 Heap buffer overflow in libhdfs native library

2022-06-13 07:00:16
CWE-787
apache
www.cve.org

AI Score: 10 High (Confidence: High)

EPSS: 0.002 Low (Percentile: 54.6%)

There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by a user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.

CNA Affected

[
  {
    "product": "Apache Hadoop",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "2.9.0 to 2.10.1"
      },
      {
        "status": "affected",
        "version": "3.0.0 to 3.1.4"
      },
      {
        "status": "affected",
        "version": " 3.2.0 to 3.2.2"
      },
      {
        "status": "affected",
        "version": "3.3.0 to 3.3.1"
      }
    ]
  }
]
