1 matches found
File Permission Manipulation Via Symlink Attack
hadoop-common-yarn is vulnerable to file permission manipulation. Using a symlink attack in a public tar archive, attackers can change the permissions on files to be world-readable...