3 matches found
Information Leakage
Apache Hadoop HDFS is vulnerable to information leakage. When listXAttrs is used, the library misses the authorization checks for path-level read permissions, leaking extended attribute key/value pairs...
Cross-site Scripting (XSS)
Apache Hadoop HDFS is susceptible to cross-site scripting XSS attacks. The attacks are possible because it does not sanitize the user-provided input properly, allowing XSS attacks...
Input Validation Bypass
Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...