Lucene search
K

12 matches found

Veracode
Veracode
added 2026/02/05 2:9 p.m.7 views

Out-of-bounds Write

org.apache.hadoop:hadoop-hdfs-native-client is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds checking in the HDFS native client, which allows an attacker to trigger memory corruption by writing outside allocated buffers, potentially leading to denial of service or...

7.3CVSS6AI score0.00862EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/01/26 12:30 p.m.5 views

GHSA-92CC-952P-V8RH Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

7.3CVSS5.8AI score0.00862EPSS
Exploits0References7
Snyk
Snyk
added 2026/01/26 12:30 p.m.6 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via statically linked code from uriparser2. An attacker can cause memory corruption or denial of service by sending specially crafted requests to the affected process. Remediation Upgrade...

7.3CVSS6AI score0.00862EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/26 12:30 p.m.11 views

Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

7.3CVSS5.8AI score0.00862EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/26 9:44 a.m.7 views

CVE-2025-27821

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

7.3CVSS5.8AI score0.00862EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2021/01/27 6:24 a.m.17 views

Information Disclosure

hadoop-hdfs-client is vulnerable to information disclosure. The application allows the sending of authentication credentials over an insecure HTTP channel. An attacker is able to intercept the network traffic and obtain the SPNEGO authorization header and gain access to the server...

8.8CVSS1.5AI score0.04403EPSS
Exploits0References29Affected Software1
Veracode
Veracode
added 2019/10/07 4:27 a.m.22 views

Denial Of Service (DoS)

hadoop-hdfs is vulnerable to denial of service DoS. The vulnerability exists as it is possible to cause a FSImage corruption through the mismatch in size of the fields used to store user/group information...

7.5CVSS2.3AI score0.06554EPSS
Exploits0References21Affected Software1
Imperva Blog
Imperva Blog
added 2019/03/14 5:45 p.m.173 views

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...

Exploits0
Veracode
Veracode
added 2019/02/08 8:27 a.m.21 views

Information Leakage

Apache Hadoop HDFS is vulnerable to information leakage. When listXAttrs is used, the library misses the authorization checks for path-level read permissions, leaking extended attribute key/value pairs...

7.5CVSS7.4AI score0.03299EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2017/04/27 2:56 a.m.27 views

Cross-site Scripting (XSS)

Apache Hadoop HDFS is susceptible to cross-site scripting XSS attacks. The attacks are possible because it does not sanitize the user-provided input properly, allowing XSS attacks...

6.1CVSS5.8AI score0.03838EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2017/04/27 2:21 a.m.25 views

Input Validation Bypass

Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...

7.5CVSS7.1AI score0.062EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2017/03/24 7:20 a.m.21 views

Escalation Of Privileges

hadoop-hdfs is vulnerable to escalation of privileges. It does not check for admin authorization for the refreshNamenodes, deleteBlockPool and shutdownDatanode commands. This allows remotely authenticated attackers to perform these commands or cause denial of service attacks...

6.5CVSS6.7AI score0.01591EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder