12 matches found
Out-of-bounds Write
org.apache.hadoop:hadoop-hdfs-native-client is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds checking in the HDFS native client, which allows an attacker to trigger memory corruption by writing outside allocated buffers, potentially leading to denial of service or...
GHSA-92CC-952P-V8RH Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via statically linked code from uriparser2. An attacker can cause memory corruption or denial of service by sending specially crafted requests to the affected process. Remediation Upgrade...
Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...
CVE-2025-27821
Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...
Information Disclosure
hadoop-hdfs-client is vulnerable to information disclosure. The application allows the sending of authentication credentials over an insecure HTTP channel. An attacker is able to intercept the network traffic and obtain the SPNEGO authorization header and gain access to the server...
Denial Of Service (DoS)
hadoop-hdfs is vulnerable to denial of service DoS. The vulnerability exists as it is possible to cause a FSImage corruption through the mismatch in size of the fields used to store user/group information...
How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs
Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...
Information Leakage
Apache Hadoop HDFS is vulnerable to information leakage. When listXAttrs is used, the library misses the authorization checks for path-level read permissions, leaking extended attribute key/value pairs...
Cross-site Scripting (XSS)
Apache Hadoop HDFS is susceptible to cross-site scripting XSS attacks. The attacks are possible because it does not sanitize the user-provided input properly, allowing XSS attacks...
Input Validation Bypass
Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...
Escalation Of Privileges
hadoop-hdfs is vulnerable to escalation of privileges. It does not check for admin authorization for the refreshNamenodes, deleteBlockPool and shutdownDatanode commands. This allows remotely authenticated attackers to perform these commands or cause denial of service attacks...