CNNVD-202601-4406 Information
CNNVD ID
CNNVD-202601-4406
Related CVE
- CNNVD Published: 2026-01-26
Description (Chinese)
Apache Hadoop是美国Apache基金会的一套开源的分布式系统基础架构。该产品能够对大量数据进行分布式处理,并具有高可靠性、高扩展性、高容错性等特点。ch是ClickHouse开源的一个ClickHouse的低级Go客户端。 Apache Hadoop 3.2.0版本至3.4.2之前版本存在安全漏洞,该漏洞源于HDFS原生客户端存在越界写入,可能导致内存损坏。
Description (English)
Apache Hadoop is the foundation for an open source distributed system of the Apache Foundation in the United States. The product is capable of distributive processing of a large amount of data and is characterized by high reliability, expansiveness and tolerance. c is a low-level Go-go client of Crickhouse, an open source. There was a security loophole in the pre-Apache Hadoop version 3.2.0 to 3.4.2, which stemmed from the cross-border writing of the original HCFC client, which could cause memory damage.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2026-01-26
Last Modified
2026-02-24
References
https://lists.apache.org/thread/kwjhyyx0wl2z9b0mw0styjk0hhdbyplh http://www.openwall.com/lists/oss-security/2026/01/23/7 https://access.redhat.com/security/cve/cve-2025-27821