CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-25168 – Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar
https://notcve.org/view.php?id=CVE-2022-25168
04 Aug 2022 — Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. • https://lists.apache.org/thread/mxqnb39jfrwgs3j6phwvlrfq4mlox130 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2021-33036 – Apache Hadoop Privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2021-33036
15 Jun 2022 — In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher. En Apache Hadoop versiones 2.2.0 a 2.10.1, 3.0.0-alpha1 a 3.1.4, 3.2.0 a 3.2.2 y 3.3.0 a 3.3.1, un usuario que puede escalar a usuario hilo puede ejecutar posiblemente comandos arbitrarios como usuario root. Los usuarios deben actualizar a Apache Hadoop versione... • http://www.openwall.com/lists/oss-security/2022/06/15/2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-26612 – Arbitrary file write in FileUtil#unpackEntries on Windows
https://notcve.org/view.php?id=CVE-2022-26612
07 Apr 2022 — In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't ... • https://lists.apache.org/thread/hslo7wzw2449gv1jyjk8g6ttd7935fyz • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-9492 – hadoop: WebHDFS client might send SPNEGO authorization header
https://notcve.org/view.php?id=CVE-2020-9492
26 Jan 2021 — In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. En Apache Hadoop versiones 3.2.0 hasta 3.2.1, versiones 3.0.0-alpha1 hasta 3.1.3 y versiones 2.0.0-alpha hasta 2.10.0, el cliente WebHDFS puede enviar el encabezado de autorización SPNEGO hacia una URL remota sin la comprobación apropiada A flaw was found in Apache hadoop. The WebHDFS client can send a SPNEGO authorization header ... • https://lists.apache.org/thread.html/r0a534f1cde7555f7208e9f9b791c1ab396d215eaaef283b3a9153429%40%3Ccommits.druid.apache.org%3E • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11765
https://notcve.org/view.php?id=CVE-2018-11765
30 Sep 2020 — In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. En las versiones de Apache Hadoop versiones 3.0.0-alpha2 hasta 3.0.0, versiones 2.9.0 hasta 2.9.2, versiones 2.8.0 hasta 2.8.5, cualquier usuario puede acceder a algunos servlets sin autenticación cuando la autenticación Kerberos está habilitada y SPNEGO por medio de HTTP no está habilitado • https://lists.apache.org/thread.html/r17d94d132b207dad221595fd8b8b18628f5f5ec7e3f5be939ecd8928%40%3Ccommits.druid.apache.org%3E • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0CVE-2018-11768
https://notcve.org/view.php?id=CVE-2018-11768
04 Oct 2019 — In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading back from fsimage. En Apache Hadoop versiones 3.1.0 hasta 3.1.1, 3.0.0-alpha1 hasta 3.0.3, 2.9.0 hasta 2.9.1 y 2.0.0-alpha hasta 2.8.4, la información de user/group puede corromperse durante el almacenamiento en fsimage y una lectura nuevamente desde fsimage. • https://lists.apache.org/thread.html/2067a797b330530a6932f4b08f703b3173253d0a2b7c8c524e54adaf%40%3Cgeneral.hadoop.apache.org%3E • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2018-8029
https://notcve.org/view.php?id=CVE-2018-8029
30 May 2019 — In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. En las versiones 3.0.0-alpha1 hasta 3.1.0, 2.9.0 hasta 2.9.1, y 2.2.0 hasta 2.8.4 de Apache Hadoop, Un usuario que pueda escalar a usuario yarn puede ejecutar comandos arbitrarios como usuario root. • http://www.securityfocus.com/bid/108518 •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-11767
https://notcve.org/view.php?id=CVE-2018-11767
18 Mar 2019 — In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. En Apache Hadoop, de la versión 2.9.0 a la 2.9.1, de la 2.8.3 a la 2.8.4 y de la 2.7.5 a la 2.7.6, KMS bloquea usuarios o proporciona acceso a los usuarios de forma incorrecta, si el sistema emplea mecanismos de mapeo de grupos que no son por defecto. • https://lists.apache.org/thread.html/246cf223e7dc0c1dff90b78dccb6c3fe94e1a044dbf98e2333393302%40%3Ccommon-issues.hadoop.apache.org%3E • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-1296
https://notcve.org/view.php?id=CVE-2018-1296
07 Feb 2019 — In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent. En Apache Hadoop, desde la versión 3.0.0-alpha1 hasta la 3.0.0, 2.9.0, desde la 2.8.0 hasta la 2.8.3 y desde la 2.5.0 hasta la 2.7.5, HDFS expone pares de atributos de valor/clave extendidos durante listXAttrs, verificando solo el acceso de búsqueda... • http://www.securityfocus.com/bid/106764 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 12EXPL: 1CVE-2018-8009 – hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file
https://notcve.org/view.php?id=CVE-2018-8009
13 Nov 2018 — Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file. Apache Hadoop 3.1.0, 3.0.0-alpha a 3.0.2, 2.9.0 a 2.9.1, 2.8.0 a 2.8.4, 2.0.0-alpha a 2.7.6 y 0.23.0 a 0.23.11 puede explotarse mediante la vulnerabilidad "zip slip" en lugares que aceptan un archivo zip. This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enha... • http://www.securityfocus.com/bid/105927 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •