7.3

CVE-2025-27821

Medienbericht

HDFS native client: Out of bounds write in URI parser of native HDFS client

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client.

This issue affects Apache Hadoop: from 3.2.0 before 3.4.2.

Users are recommended to upgrade to version 3.4.2, which fixes the issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHadoop Version >= 3.2.0 < 3.4.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.86% 0.538
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.3 3.9 3.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
27.01.2026 10:35
https://lists.apache.org/thread/kwjhyyx0wl2z9b0mw0styjk0hhdbyplh
Vendor Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2026/01/23/7
Third Party Advisory
Mailing List