Maven package
org.apache.hadoop/hadoop-yarn-project
pkg:maven/org.apache.hadoop/hadoop-yarn-project
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26031 | — | >= 3.3.1, < 3.3.5 | 3.3.5 | Nov 16, 2023 | Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges. Hadoop 3 |
- CVE-2023-26031Nov 16, 2023affected >= 3.3.1, < 3.3.5fixed 3.3.5
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges. Hadoop 3