Severity: important Versions affected:
2.9.0 to 2.10.1, 3.0.0 to 3.1.4, 3.2.0 to 3.2.2, 3.3.0 to 3.3.1 Description: There is a potential heap buffer overflow in libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitrary code execution. Mitigation: Users should upgrade to Apache Hadoop 2.10.2, 3.2.3, 3.3.2 or upper. Credit: This issue was discovered by Igor Chervatyuk.
