Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-18393

Hadoop 3.3.2 has CVEs coming from dependencies

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 3.3.2
    • None
    • build
    • None

    Description

      Hi Team,

       

      Hadoop version 3.3.1 which is compatible for our application have Vulnerebilities:

      Is there any plan to fix this

      CVE-2021-37404 hadoop versions < 3.3.2 Apache Hadoop potential heap buffer overflow in libhdfs.
      CVE-2020-10650 jackson < 2.9.10.4
      CVE-2021-33036 hadoop < 3.3.2
      CVE-2022-31159 aws xfer manager download < 1.12.262

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              suman.na.agrawal suman agrawal
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: