CVE-2018-8029
30.05.2019, 16:29
In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.Enginsight
| Vendor | Product | Version |
|---|---|---|
| apache | hadoop | 2.2.0 ≤ 𝑥 ≤ 2.8.4 |
| apache | hadoop | 3.0.1 ≤ 𝑥 ≤ 3.1.0 |
| apache | hadoop | 2.9.0 |
| apache | hadoop | 2.9.1 |
| apache | hadoop | 3.0.0 |
| apache | hadoop | 3.0.0:alpha1 |
| apache | hadoop | 3.0.0:alpha2 |
| apache | hadoop | 3.0.0:alpha3 |
| apache | hadoop | 3.0.0:alpha4 |
| apache | hadoop | 3.0.0:beta1 |
𝑥
= Vulnerable software versions
References