Lucene search
+L

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-26612

In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an...

9.8CVSS9.2AI score0.04176EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/22 12:16 p.m.79 views

Security Bulletin: Vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis (CVE-2022-26612, CVE-2022-25168)

Summary Multiple vulnerabilities in Apache Hadoop affect IBM Operations Analytics - Log Analysis. This has been fixed. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-26612 DESCRIPTION: Apache Hadoop for Windows could allow a remote attacker to bypas...

9.8CVSS9.8AI score0.04176EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2022/04/11 7:35 a.m.53 views

CVE-2022-26612

A flaw was found in Apache Hadoop, where an unTar function bypasses a check. This flaw allows an attacker to write outside of the expected base directory on Windows...

9.8CVSS2.6AI score0.04176EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2022/04/08 12:0 a.m.5 views

ai.onehouse:lakeview-sync-tool (>=0.18.5 <=0.30.0), com.4paradigm.openmldb:openmldb-taskmanager (>=0.4.2 <=0.6.2) +417 more potentially affected by CVE-2022-26612 via org.apache.hadoop:hadoop-common (>=0.22.0 <=2.10.1)

org.apache.hadoop:hadoop-common MAVEN version =0.22.0, =0.18.5, =0.4.2, =2.0.29.2, =0.3.0, =0.3.0, =2.10.6.9, =3.0.0, =3.0.0, =0.24.0, =0.24.0, =0.24.0, =0.24.0, =0.19.3, =0.19.3, =0.26.0 and more Source cves: CVE-2022-26612 Source advisory: OSV:GHSA-GX2C-FVHC-PH4J...

9.8CVSS7.2AI score0.04176EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/04/08 12:0 a.m.7 views

ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10) +647 more potentially affected by CVE-2022-26612 via org.apache.hadoop:hadoop-common (>=3.3.0 <=3.3.2)

org.apache.hadoop:hadoop-common MAVEN version =3.3.0, =1.0.6, =1.0.6, =1.1, =1.1.1, =0.13.0, =0.2.7, =0.2.7, =0.6.1.2, =1.0.0, =1.0.0, =0.2.2, =1.0.0, =1.0.0, =0.2.2, =0.4.1 and more Source cves: CVE-2022-26612 Source advisory: OSV:GHSA-GX2C-FVHC-PH4J...

9.8CVSS7.2AI score0.04176EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/04/08 12:0 a.m.4 views

ai.catboost:catboost-spark_3.1_2.12 (>=1.0.1 <=1.2.8), ai.chronon:aggregator_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +840 more potentially affected by CVE-2022-26612 via org.apache.hadoop:hadoop-common (>=3.2.0 <=3.2.2)

org.apache.hadoop:hadoop-common MAVEN version =3.2.0, =1.0.1, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =thread-pool-0.0.24-dev, =0.0.6, =0.0.2, =3.34.0.3-1-3.1, =0.0.3, =1.0.0, =1.4.0, =1.4.0, =1.7.0 and more Source cves: CVE-2022-26612 Source advisory: OSV:GHSA-GX2C-FVHC-PH4J...

9.8CVSS7.2AI score0.04176EPSS
Exploits1
Cvelist
Cvelist
added 2022/04/07 6:20 p.m.34 views

CVE-2022-26612 Arbitrary file write in FileUtil#unpackEntries on Windows

In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an...

9.5AI score0.04176EPSS
Exploits1References2
Rows per page
Query Builder