Lucene search

CVE-2018-8009

🗓️ 13 Nov 2018 21:00:29Reported by [email protected]Type

CVE-2018-8009 Apache Hadoop zip slip vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 27
OSV	CVE-2018-8009	13 Nov 201821:29	–	osv
OSV	Path Traversal in Hadoop	21 Dec 201817:50	–	osv
Veracode	Arbitrary File Write	6 Jun 201805:41	–	veracode
Cvelist	CVE-2018-8009	13 Nov 201821:00	–	cvelist
RedhatCVE	CVE-2018-8009	19 Jun 201821:19	–	redhatcve
Prion	Code injection	13 Nov 201821:29	–	prion
IBM Security Bulletins	Security Bulletin: Due to use of Spark from Hadoop, IBM Cloud Pak for Multicloud Management Monitoring could allow a remote attacker to traverse directories on the system.	5 Sep 202310:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Incident Forensics is vulnerable to using component with known vulnerabilities	7 Oct 202020:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to multiple vulnerabilities in Apache Hadoop	17 May 202321:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics	20 Jul 202220:48	–	ibm

Nvd

Node

apache hadoopRange0.23.0–0.23.11

apache hadoopRange2.0.0–2.7.6

apache hadoopRange2.8.0–2.8.4

apache hadoopRange2.9.0–2.9.1

apache hadoopRange3.0.0–3.0.2

apache hadoopMatch2.0.0alpha

apache hadoopMatch3.0.0alpha1

apache hadoopMatch3.0.0alpha2

apache hadoopMatch3.0.0alpha3

apache hadoopMatch3.0.0alpha4

apache hadoopMatch3.0.0beta1

apache hadoopMatch3.1.0

Source	Link
lists	www.lists.apache.org/thread.html/r4dddf1705dbedfa94392913b2dad1cd2d1d89040facd389eea0b3510%40%3Ccommits.druid.apache.org%3E
securityfocus	www.securityfocus.com/bid/105927
lists	www.lists.apache.org/thread.html/a1c227745ce30acbcf388c5b0cc8423e8bf495d619cd0fa973f7f38d%40%3Cuser.hadoop.apache.org%3E
lists	www.lists.apache.org/thread.html/rb21df54a4e39732ce653d2aa5672e36a792b59eb6717f2a06bb8d02a%40%3Ccommits.druid.apache.org%3E
snyk	www.snyk.io/research/zip-slip-vulnerability
access	www.access.redhat.com/errata/RHSA-2019:3892
lists	www.lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
hadoop	www.hadoop.apache.org/cve_list.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Nov 2018 21:29Current

8.9High risk

Vulners AI Score8.9

CVSS26.5

CVSS38.8

EPSS0.13152

CWE-22