The Apache Software Foundation has released a security update to address a vulnerability in Apache Hadoop. An attacker could exploit this vulnerability to perform arbitrary commands.

For a complete description of the vulnerabilities and affected systems CVE-2022-25168: Apache Hadoop: Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar.

IT Security

Read more about IT Security service offerings.