CVE-2018-8009 is a vulnerability in Apache Hadoop
Published on November 13, 2018

Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.

Vendor Advisory NVD

Products Associated with CVE-2018-8009

Want to know whenever a new CVE is published for Apache Hadoop? stack.watch will email you.

Apache Hadoop

Affected Versions

Apache Software Foundation Apache Hadoop Version Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is affected by CVE-2018-8009

Exploit Probability

EPSS

10.30%

Percentile

93.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-8009 is a vulnerability in Apache HadoopPublished on November 13, 2018

Products Associated with CVE-2018-8009

Affected Versions

Exploit Probability

CVE-2018-8009 is a vulnerability in Apache Hadoop
Published on November 13, 2018