EUVD-2022-4816

Malicious code in bioql PyPI...

EUVD-2022-3045

Malicious code in bioql PyPI...

Fedora: Security Advisory for golang-github-colinmarc-hdfs-2 (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-colinmarc-hdfs-2-2.2.0-5.fc36

This is a native golang client for hdfs. It connects directly to the namenode using the protocol buffers API. It tries to be idiomatic by aping the stdlib os package, where possible, and implements the interfaces from it, including os.FileInfo and os.PathError...

GHSA-PR9X-QMP5-J3RR Improper Input Validation in Apache Hadoop

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0...

Improper Input Validation in Apache Hadoop

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0...

com.huemulsolutions.bigdata:huemul-bigdatagovernance (>=1.1 <=2.1), com.thinkbiganalytics.kylo:kylo-kerberos-test-client (=0.10.0) +3 more potentially affected by CVE-2015-1772 via org.apache.hive:hive-service (=1.1.0)

org.apache.hive:hive-service MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-service and may be impacted: - com.huemulsolutions.bigdata:huemul-bigdatagovernance =1.1, =2.1 -...

Apache Hadoop Multiple Vulnerabilities

Apache Hadoop is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:hadoop"; if descriptio...

Input Validation Bypass

Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...

CVE-2017-3162

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0...

CVE-2017-3162

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0...

CVE-2017-3162

Apache Hadoop CVE-2017-3162: A vulnerability in the HDFS namespace browsing flow where the DataNode servlet accepts a NameNode URL as a query parameter without validation, allowing an attacker to bypass security restrictions. Affected software includes Hadoop versions prior to 2.7.0; the issue st...

Apache Hadoop DataNode Missed Validation Vulnerability

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated. Apache Hadoop versions 2.6.x and earlier are affected. CVE-2017-3162: Apache Hadoop DataNode web UI vulnerability Severity: Important Vendor: The...

Hadoop HDFSBrowser information disclosure

Browsing the HDFS datalake ========================== Description ----------- There are 2 different and distinct approaches to browse the HDFS datalake: A. Through the WebHDFS API B. Through the native Hadoop CLI WebHDFS ------- WebHDFS offers REST API for users to access data on the HDFS...

CVE-2016-5393

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service...

Design/Logic Flaw

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service...

Mail.ru: HDFS NameNode Public disclosure: http://185.5.139.33:50070/dfshealth.jsp

Here it is: http://185.5.139.33:50070/dfshealth.jsp...

[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Users of Apache Hadoop should be aware of a security vulnerability recently discovered, as described by the following CVE. In particular, please note the "Users affected", "Versions affected", and "Mitigation" sections. The project team will be...

Apache Hadoop HDFS NameNode Web Detection

The web interface for a NameNode was detected on the remote host. A NameNode is the master server in a Hadoop Distributed File System HDFS cluster. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid50306; scriptversion"1.8"; scriptcvsdate"Date: 2019/11/25";...