Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache hadoop 2.7.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-15718
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Apache Hadoop 2.7.3
Apache Hadoop 2.7.4
8.8
CVSSv3
CVE-2018-11766
In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user.
Apache Hadoop
8.8
CVSSv3
CVE-2016-6811
In Apache Hadoop 2.x prior to 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.
Apache Hadoop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started