com.amazon.emr:emr-dynamodb-hadoop (>=4.2.0 <=4.3.0), com.amazon.emr:emr-dynamodb-tools (=4.2.0) +150 more potentially affected by CVE-2016-3086 via org.apache.hadoop:hadoop-yarn-server-nodemanager (>=2.7.0 <=2.7.2)

org.apache.hadoop:hadoop-yarn-server-nodemanager MAVEN version =2.7.0, =4.2.0, =1.0.4, =1.0.4, =1.2.0, =1.0.2, =1.0.2, =1.2.1, =10.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =1.2.0 - com.intropro.prairie:hbase-unit =1.2.0 and more Source cves: CVE-2016-3086 Source advisory: OSV:GHSA-895M-WW55-5...

Security Bulletin: IBM InfoSphere BigInsights 4.2 is affected by Open Source vulnerabilities in Hadoop (CVE-2016-3086, CVE-2016-5001) and Solr (CVE-2017-3163)

Summary IBM InfoSphere BigInsights 4.2 is affected by Open Source vulnerabilities in Hadoop CVE-2016-3086, CVE-2016-5001 and Solr CVE-2017-3163 Vulnerability Details CVEID: CVE-2016-3086 DESCRIPTION: Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in...

CVE-2016-3086

The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications...

CVE-2016-3086

The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications...

CVE-2016-3086

The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications...

CVE-2016-3086

CVE-2016-3086 affects Apache Hadoop’s YARN NodeManager. Affected are Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, where a flaw in the NodeManager can leak the password for the credential store provider to YARN applications. Root cause is a credential store/password handling flaw in the NodeM...