Lucene search
ApacheCVELIST:CVE-2017-3166HistoryNov 13, 2017 - 2:00 p.m.
CVE-2017-3166
2017-11-1314:00:00
apache
www.cve.org
7
In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN’s localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.
CNA Affected
[
{
"product": "Apache Hadoop",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.6.1 to 2.6.5"
},
{
"status": "affected",
"version": "2.7.0 to 2.7.3"
},
{
"status": "affected",
"version": "3.0.0-alpha1 to 3.0.0-alpha3"
}
]
}
]Related
osv
osv
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
2018-12-21 17:50:03
CVE-2017-3166
2017-11-13 14:29:00
openvas
openvas
Apache Hadoop Insufficient Access Control Vulnerability
2017-11-21 00:00:00
Fedora Update for hadoop FEDORA-2018-e5a8b72d0d
2018-07-15 00:00:00
github
github
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
2018-12-21 17:50:03
ibm
ibm
nvd
nvd
CVE-2017-3166
2017-11-13 14:29:00
prion
prion
Design/Logic Flaw
2017-11-13 14:29:00
cve
cve
CVE-2017-3166
2017-11-13 14:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: hadoop-2.7.6-4.fc28
2018-07-15 03:34:22
nessus
nessus
Fedora 28 : hadoop (2018-e5a8b72d0d)
2019-01-03 00:00:00