5 matches found
ai.grakn:grakn-dist (>=0.7.0 <=0.14.0), ai.grakn:grakn-engine (>=0.12.0 <=0.16.0) +638 more potentially affected by CVE-2016-5001 via org.apache.hadoop:hadoop-common (>=2.7.0 <=2.7.1)
org.apache.hadoop:hadoop-common MAVEN version =2.7.0, =0.7.0, =0.12.0, =0.12.0, =0.10.0, =0.15.0, =0.6.1, =0.12.1, =0.11.0, =3.3.2-public, =0.21.3-public, =3.3.2-public, =lxw-test-3.0.0-public - com.aliyun.odps:odps-spark-client2.11 =lxw-test-3.0.0-public and more Source cves: CVE-2016-5001 Sourc...
ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +2139 more potentially affected by CVE-2016-5001 via org.apache.hadoop:hadoop-common (>=0.22.0 <=2.6.3)
org.apache.hadoop:hadoop-common MAVEN version =0.22.0, =0.2.5, =2.0.0, =0.2.5, =2.0.0, =1.6.4, =2.0.0, =1.4.11, =2.0.0, =1.0.0, =0.18.5, =0.5.2, =1.0, =2.0 and more Source cves: CVE-2016-5001 Source advisory: OSV:GHSA-8R28-R8CP-G6CP...
Security Bulletin: IBM InfoSphere BigInsights 4.2 is affected by Open Source vulnerabilities in Hadoop (CVE-2016-3086, CVE-2016-5001) and Solr (CVE-2017-3163)
Summary IBM InfoSphere BigInsights 4.2 is affected by Open Source vulnerabilities in Hadoop CVE-2016-3086, CVE-2016-5001 and Solr CVE-2017-3163 Vulnerability Details CVEID: CVE-2016-3086 DESCRIPTION: Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in...
CVE-2016-5001
This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing certain fields in t...
CVE-2016-5001
CVE-2016-5001 affects Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2, in the HDFS short-circuit reads feature. Root cause: a flaw in the token-based access control that lets a local DataNode user craft a block token to read arbitrary files. Impact: information disclosure (unauthorized read acc...