Lucene search
K

12 matches found

CNNVD
CNNVD
added 2026/01/26 12:0 a.m.8 views

Apache Hadoop security vulnerabilities

Apache Hadoop is an open-source distributed system framework developed by the Apache Foundation in the United States. This product enables distributed processing of large amounts of data, featuring high reliability, scalability, and fault tolerance. ClickHouse is an open-source implementation of...

7.3CVSS7.2AI score0.00862EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.4 views

SUSE CVE-2018-8009

Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file...

8.8CVSS8.7AI score0.07577EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-11767

In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms...

7.4CVSS8.3AI score0.03726EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/08/05 12:0 a.m.6 views

ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10) +647 more potentially affected by CVE-2022-25168 via org.apache.hadoop:hadoop-common (>=3.3.0 <=3.3.2)

org.apache.hadoop:hadoop-common MAVEN version =3.3.0, =1.0.6, =1.0.6, =1.1, =1.1.1, =0.13.0, =0.2.7, =0.2.7, =0.6.1.2, =1.0.0, =1.0.0, =0.2.2, =1.0.0, =1.0.0, =0.2.2, =0.4.1 and more Source cves: CVE-2022-25168 Source advisory: OSV:GHSA-8WM5-8H9C-47PC...

9.8CVSS7.2AI score0.03259EPSS
Exploits0
OSV
OSV
added 2022/08/05 12:0 a.m.5 views

GHSA-8WM5-8H9C-47PC Apache Hadoop argument injection vulnerability

Apache Hadoop's FileUtil.unTarFile, File API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in...

9.8CVSS7.5AI score0.03259EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/06/14 12:0 a.m.5 views

ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10) +590 more potentially affected by CVE-2021-37404 via org.apache.hadoop:hadoop-common (>=3.3.0 <=3.3.1)

org.apache.hadoop:hadoop-common MAVEN version =3.3.0, =1.0.6, =1.0.6, =0.13.0, =0.2.7, =0.2.7, =0.6.1.2, =1.0.0, =1.0.0, =0.2.2, =1.0.0, =1.0.0, =0.2.2, =0.8.0, =0.8.0, =0.8.5 and more Source cves: CVE-2021-37404 Source advisory: OSV:GHSA-RMPJ-7C96-MRG8...

9.8CVSS7.2AI score0.02885EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/17 3:35 a.m.7 views

co.cask.tephra:tephra-examples (>=0.6.2 <=0.7.1), co.cask.tephra:tephra-hbase-compat-1.0-cdh (>=0.6.0 <=0.7.1) +356 more potentially affected by CVE-2016-5393 via org.apache.hadoop:hadoop-common (>=2.6.0 <=2.6.4)

org.apache.hadoop:hadoop-common MAVEN version =2.6.0, =0.6.2, =0.6.0, =1.7.0, =1.1.0, =1.1.0, =7.2.1, =3.0.0, =3.0.0, =7.2.1, =3.0.0, =3.0.0, =3.0.0, =3.6.7 and more Source cves: CVE-2016-5393 Source advisory: OSV:GHSA-7Q56-MP4C-GGGG...

8.8CVSS7.2AI score0.03141EPSS
Exploits0
OSV
OSV
added 2022/05/17 12:22 a.m.3 views

GHSA-Q46V-CJ5V-HVG6 Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop

Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack...

9.8CVSS5.9AI score0.01201EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/13 1:8 a.m.4 views

ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +2821 more potentially affected by CVE-2017-3162 via org.apache.hadoop:hadoop-client (>=0.23.10 <=2.6.5)

org.apache.hadoop:hadoop-client MAVEN version =0.23.10, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.0.25, =0.0.25, =0.0.25, =0.0.1, =0.0.1, =0.42.1, =0.2.0, =1.6.13 and more Source cves: CVE-2017-3162 Source advisory: OSV:GHSA-PR9X-QMP5-J3RR...

7.5CVSS7.1AI score0.062EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/09 10:17 p.m.6 views

ai.onehouse:lakeview-sync-tool (>=0.18.5 <=0.30.0), com.alibaba.hbase:alihbase-connector (>=2.0.29.2 <=2.1.2.2) +208 more potentially affected by CVE-2020-9492 via org.apache.hadoop:hadoop-common (>=2.0.4-alpha <=2.10.0)

org.apache.hadoop:hadoop-common MAVEN version =2.0.4-alpha, =0.18.5, =2.0.29.2, =0.3.0, =0.3.0, =2.10.6.9, =3.0.0, =3.0.0, =0.24.0, =0.24.0, =0.24.0, =0.24.0, =0.19.3, =0.19.3, =0.24.0, =0.24.0, =0.25.0 and more Source cves: CVE-2020-9492 Source advisory: OSV:GHSA-F8VC-WFC8-HXQH...

8.8CVSS7.1AI score0.04403EPSS
Exploits0
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

Apache Hadoop elevation of privilege vulnerability (CNVD-2018-24261)

Apache Hadoop is the U.S. Apache Apache Software Foundation's set of open source distributed systems infrastructure, it can be distributed processing of large amounts of data, and has high reliability, high scalability, high fault tolerance and other characteristics. A security vulnerability exis...

9CVSS8.9AI score0.03244EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/03 12:0 a.m.8 views

Apache Hadoop Information Disclosure Vulnerability (CNVD-2017-36014)

Apache Hadoop is the U.S. Apache Apache Software Foundation's set of open source distributed systems infrastructure, it can be distributed processing of large amounts of data, and has high reliability, high scalability, high fault tolerance and other characteristics. A security vulnerability exis...

9.8CVSS6.9AI score0.01201EPSS
Exploits0References1
Rows per page
Query Builder