5 matches found
OESA-2022-2016 hadoop security update
Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is designed to scale up from single servers to thousands of machines, each offering local computation and storage. Security Fixes: In Apache...
CVE-2021-33036
A flaw was found in Hadoop Yarn. This flaw allows an attacker to benefit from permissions, escalate to a yarn user and run arbitrary commands as root...
CVE-2021-33036
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...
CVE-2021-33036 Apache Hadoop Privilege escalation vulnerability
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher...
CVE-2021-33036
CVE-2021-33036 affects Apache Hadoop (versions 2.2.0–2.10.1, 3.0.0–3.1.4, 3.2.0–3.2.2, 3.3.0–3.3.1). The issue arises from improper permission handling that could let an authenticated user who escalates to the yarn user run arbitrary commands with root privileges. The impact is elevated privilege...