In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache hadoop 3.0.0 |
||
apache hadoop 2.9.0 |
||
apache hadoop |
||
apache hadoop 2.9.1 |