hadoop-hdds-common is vulnerable to authorization bypass. The library does not properly perform authorization checks, allowing an authenticated attacker to execute admin block operations.
www.openwall.com/lists/oss-security/2021/11/19/4
github.com/apache/ozone/commit/355096b9c218a90d01307b7b8782c469300b94bf
github.com/apache/ozone/commit/842e6f6f1002a04eb3dd2c76ef108575f3a751af
github.com/apache/ozone/pull/2186
github.com/apache/ozone/pull/2254
issues.apache.org/jira/browse/HDDS-4729
issues.apache.org/jira/browse/HDDS-5236
mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C394a9a73-44dd-b5db-84d8-607c3226eb00%40apache.org%3E