Apache Hadoop Vulnerabilities

Apache Hadoop vulnerabilities.

25 September 2024

Hadoop's RunJar.run() does not set permissions for temporary directory by default, posing risk to sensitive data
CVE-2024-23454
ApacheApache Hadoop

16 November 2023

Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems
CVE-2023-26031
ApacheApache Hadoop7.5HIGH

25 August 2022

Apache Hadoop YARN remote code execution in ZKConfigurationStore of capacity scheduler
CVE-2021-25642
ApacheApache Hadoop👾🟡8.8HIGH

4 August 2022

Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar
CVE-2022-25168
ApacheApache Hadoop9.8CRITICAL

15 June 2022

Apache Hadoop Privilege escalation vulnerability
CVE-2021-33036
ApacheApache Hadoop8.8HIGH

13 June 2022

Heap buffer overflow in libhdfs native library
CVE-2021-37404
ApacheApache Hadoop9.8CRITICAL

7 April 2022

Arbitrary file write in FileUtil#unpackEntries on Windows
CVE-2022-26612
ApacheApache Hadoop9.8CRITICAL

26 January 2021

Authentication Flaw in Apache Hadoop WebHDFS Client Leads to Potential Security Risk
CVE-2020-9492
ApacheApache Hadoop8.8HIGH

21 October 2020

Authentication Bypass Vulnerability in Apache Hadoop by Apache Software Foundation
CVE-2018-11764
ApacheApache Hadoop8.8HIGH

30 September 2020

Authorization Bypass Vulnerability in Apache Hadoop
CVE-2018-11765
ApacheApache Hadoop7.5HIGH

29 October 2019

Symlink Vulnerability in Hadoop by Apache
CVE-2012-2945
ApacheHadoop7.5HIGH

4 October 2019

User/Group Information Corruption in Apache Hadoop Software
CVE-2018-11768
ApacheApache Hadoop7.5HIGH

30 May 2019

Command Execution Vulnerability in Apache Hadoop by Apache
CVE-2018-8029
ApacheApache Hadoop8.8HIGH

21 March 2019

Access Control Issues in Apache Hadoop KMS for Specific User Groups
CVE-2018-11767
ApacheApache Hadoop7.4HIGH

7 February 2019

Path-Level Permission Flaw in Apache Hadoop's HDFS Functionality
CVE-2018-1296
ApacheApache Hadoop7.5HIGH

27 November 2018

Apache Hadoop Vulnerability Allows Command Execution by Escalated Users
CVE-2018-11766
ApacheApache Hadoop8.8HIGH

13 November 2018

Zip Slip Vulnerability in Apache Hadoop Products
CVE-2018-8009
ApacheApache Hadoop8.8HIGH

24 January 2018

Credential Store Password Leak in Apache Hadoop YARN NodeManager
CVE-2017-15718
ApacheApache Hadoop9.8CRITICAL

19 January 2018

Vulnerability in Apache Hadoop MapReduce Job History Server Exposes Private Files
CVE-2017-15713
ApacheApache Hadoop6.5MEDIUM

13 November 2017

Privilege Escalation Vulnerability in Apache Hadoop
CVE-2017-3166
ApacheApache Hadoop7.8HIGH

30 October 2017

Token Password Generation Vulnerability in Apache Hadoop
CVE-2012-4449
ApacheHadoop9.8CRITICAL

5 September 2017

YARN NodeManager Password Leak in Apache Hadoop
CVE-2016-3086
ApacheApache Hadoop9.8CRITICAL

30 August 2017

Information Disclosure Vulnerability in Apache Hadoop Data Management
CVE-2016-5001
ApacheApache Hadoop5.5MEDIUM

5 June 2017

Privilege Escalation Vulnerability in Apache Hadoop by The Apache Software Foundation
CVE-2017-7669
ApacheApache Hadoop7.5HIGH

26 April 2017

CVE-2017-3161
ApacheApache Hadoop6.1MEDIUM