| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-37404 |
120 |
|
DoS Exec Code Overflow |
2022-06-13 |
2022-07-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. |
|
2 |
CVE-2021-33036 |
22 |
|
Dir. Trav. |
2022-06-15 |
2022-07-22 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. |
|
3 |
CVE-2020-9492 |
863 |
|
|
2021-01-26 |
2022-07-25 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. |
|
4 |
CVE-2018-11768 |
119 |
|
Overflow |
2019-10-04 |
2020-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading back from fsimage. |
|
5 |
CVE-2018-11767 |
269 |
|
|
2019-03-21 |
2019-10-03 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. |
|
6 |
CVE-2018-11766 |
|
|
|
2018-11-27 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user. |
|
7 |
CVE-2018-11765 |
287 |
|
|
2020-09-30 |
2020-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. |
|
8 |
CVE-2018-8029 |
|
|
|
2019-05-30 |
2020-10-08 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. |
|
9 |
CVE-2018-8009 |
22 |
|
Dir. Trav. |
2018-11-13 |
2020-10-08 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file. |
|
10 |
CVE-2018-1296 |
200 |
|
+Info |
2019-02-07 |
2019-02-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent. |
|
11 |
CVE-2017-15713 |
200 |
|
+Info |
2018-01-19 |
2018-02-06 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host. |
|
12 |
CVE-2017-3162 |
20 |
|
|
2017-04-26 |
2021-07-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0. |
|
13 |
CVE-2017-3161 |
79 |
|
XSS |
2017-04-26 |
2021-07-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter. |
|
14 |
CVE-2016-6811 |
264 |
|
|
2017-04-11 |
2018-05-10 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. |
|
15 |
CVE-2016-5001 |
200 |
|
+Info |
2017-08-30 |
2021-07-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing certain fields in the token. |
|
16 |
CVE-2012-4449 |
327 |
|
|
2017-10-30 |
2017-11-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-dependent attackers to crack secret keys via a brute-force attack. |
