VYPR
High severityOSV Advisory· Published Jan 26, 2026· Updated Jan 26, 2026

HDFS native client: Out of bounds write in URI parser of native HDFS client

CVE-2025-27821

Description

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client.

This issue affects Apache Hadoop: from 3.2.0 before 3.4.2.

Users are recommended to upgrade to version 3.4.2, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.hadoop:hadoop-hdfs-native-clientMaven
>= 3.2.0, < 3.4.23.4.2

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.