Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache hadoop 2.7.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-15718
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Apache Hadoop 2.7.3
Apache Hadoop 2.7.4
8.8
CVSSv3
CVE-2018-11766
In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user.
Apache Hadoop
8.8
CVSSv3
CVE-2016-6811
In Apache Hadoop 2.x prior to 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.
Apache Hadoop
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started