Zip Slip Vulnerability in Apache Hadoop 3.1.0 and Earlier Versions

Zip Slip Vulnerability in Apache Hadoop 3.1.0 and Earlier Versions

CVE-2018-8009 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.

Learn more about our Web Application Penetration Testing UK.