Homepage

org.apache.hadoop:hadoop-hdds-server-framework@0.4.0-alpha vulnerabilities

  • latest version

    1.1.0

  • first published

    5 years ago

  • latest version published

    3 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.apache.hadoop:hadoop-hdds-server-framework package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Access Restriction Bypass

    Affected versions of this package are vulnerable to Access Restriction Bypass. Ozone Datanode does not check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block.

    How to fix Access Restriction Bypass?

    Upgrade org.apache.hadoop:hadoop-hdds-server-framework to version 1.1.0 or higher.

    [,1.1.0)
    • H
    Access Restriction Bypass

    Affected versions of this package are vulnerable to Access Restriction Bypass. Container-related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client.

    How to fix Access Restriction Bypass?

    Upgrade org.apache.hadoop:hadoop-hdds-server-framework to version 1.2.0 or higher.

    [,1.2.0)
    Go back to all versions of this package