14 lines
1.0 KiB
JSON
14 lines
1.0 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-2016",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-2016",
|
|
"title": "An update for hadoop is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "Important",
|
|
"description": "Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is designed to scale up from single servers to thousands of machines, each offering local computation and storage.\r\n\r\nSecurity Fix(es):\r\n\r\nIn Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user. Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or higher.(CVE-2021-33036)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2021-33036",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33036",
|
|
"severity": "Important"
|
|
}
|
|
]
|
|
} |