CVE-2016-4572

In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges...

SUSE CVE-2017-9792

In Apache Impala incubating before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables. This violates and works...

CVE-2024-54660

CVE-2024-54660 affects Cloudera JDBC Connector for Hive (before 2.6.26) and JDBC Connector for Impala (before 2.6.35). The issue is a JNDI injection triggered by untrusted values in the JAAS-using krbJAASFile parameter within the JDBC URL during connection, allowing potential remote code executio...

Apache Impala Authorization Bypass Vulnerability

Apache Impala is the United States Apache Apache Software Foundation of a large-scale, distributed parallel processing database query system. The system is able to query the Hadoop big data analytics software stored in HDFS distributed file system and HBase database in the petabyte of big data. A...

Cloudera CDH Setry Authorization Bypass Vulnerability

CDH is the most complete, tested and widely deployed distribution of Apache Hadoop.CDH is 100% open source and is the only Hadoop solution that offers batch processing, interactive SQL and interactive search, and enterprise-grade continuous availability. A Setry authorization bypass vulnerability...