CVE-2014-3627
CVE-2014-3627 affects the YARN NodeManager in Apache Hadoop (versions 0.23.0–0.23.11 and 2.x prior to 2.5.2). The root cause is a symlink/localization handling issue in the distributed cache within a public tar archive when Kerberos authentication is used, enabling remote cluster users to change ...