org.apache.hbase:hbase-thrift@1.2.1 vulnerabilities
-
latest version
2.5.8-hadoop3
-
latest non vulnerable version
-
first published
10 years ago
-
latest version published
a month ago
-
licenses detected
- [0.96.0-hadoop1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.hbase:hbase-thrift package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.hbase:hbase-thrift is an open-source, distributed, versioned, column-oriented store modeled after Google' Bigtable. Affected versions of this package are vulnerable to Privilege Escalation. There is a race-condition which could lead to authenticated sessions being incorrectly applied to users, e.g. one authenticated user would be considered a different user or an unauthenticated user would be treated as an authenticated user. How to fix Privilege Escalation? Upgrade |
[1.2.0,1.2.6.1)
[1.3.0,1.3.2.1)
[1.4.0,1.4.5)
[2.0.0,2.0.1)
|