CVE-2018-8009

Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.
Configurations

Configuration 1

cpe:2.3:a:apache:hadoop:2.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:hadoop:3.1.0:*:*:*:*:*:*:*

Information

Published : 2018-11-13 09:29

Updated : 2020-10-08 10:15


NVD link : CVE-2018-8009

Mitre link : CVE-2018-8009

Products Affected
No products.
CWE