VYPR
Critical severityNVD Advisory· Published Jun 13, 2022· Updated Aug 4, 2024

Heap buffer overflow in libhdfs native library

CVE-2021-37404

Description

There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.hadoop:hadoop-commonMaven
>= 3.3.0, < 3.3.23.3.2
org.apache.hadoop:hadoop-commonMaven
>= 3.0.0, < 3.2.33.2.3
org.apache.hadoop:hadoop-commonMaven
< 2.10.22.10.2

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.