Описание
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Пакеты
Наименование
org.apache.hadoop:hadoop-yarn-server-nodemanager
maven
Затронутые версииВерсия исправления
>= 2.6.0, <= 2.6.4
2.6.5
Наименование
org.apache.hadoop:hadoop-yarn-server-nodemanager
maven
Затронутые версииВерсия исправления
>= 2.7.0, <= 2.7.2
2.7.3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 8 лет назад
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
CVSS3: 9.8
debian
больше 8 лет назад
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x bef ...