Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache hadoop 2.5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-1296
In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent.
Apache Hadoop 3.0.0
Apache Hadoop 2.8.0
Apache Hadoop
Apache Hadoop 2.8.1
Apache Hadoop 2.8.2
Apache Hadoop 2.8.3
Apache Hadoop 2.9.0
4.3
CVSSv2
CVE-2018-8042
Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie.
Apache Ambari
4.6
CVSSv2
CVE-2015-7430
The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 prior to 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors.
Apache Hadoop 2.5.0
Apache Hadoop 1.1.1
Apache Hadoop 2.7.0
Apache Hadoop 2.4.0
5
CVSSv2
CVE-2014-3627
The YARN NodeManager daemon in Apache Hadoop 0.23.0 up to and including 0.23.11 and 2.x prior to 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which...
Apache Hadoop 2.0.4
Apache Hadoop 0.23.9
Apache Hadoop 0.23.3
Apache Hadoop 2.0.3
Apache Hadoop 2.0.6
Apache Hadoop 2.1.0
Apache Hadoop 2.5.1
Apache Hadoop 2.0.5
Apache Hadoop 2.2.0
Apache Hadoop 0.23.6
Apache Hadoop 2.5.0
Apache Hadoop 2.1.1
Apache Hadoop 2.0.0
Apache Hadoop 0.23.0
Apache Hadoop 0.23.4
Apache Hadoop 2.4.0
Apache Hadoop 0.23.5
Apache Hadoop 2.4.1
Apache Hadoop 0.23.10
Apache Hadoop 2.0.2
Apache Hadoop 0.23.8
Apache Hadoop 2.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started