Primary

Context

Apache Hadoop HDFS Native Client Out-of-Bounds Write Vulnerability

Vulnerability

Patched

A vulnerability allowing out-of-bounds write has been identified in the Apache Hadoop HDFS native client, specifically in versions 3.2.0 prior to 3.4.2. This vulnerability arises in the URI parser of the native HDFS client.

Impact

Exploitation of this vulnerability leads to an out-of-bounds write, which can commonly result in memory corruption issues.

Remediation

Users are advised to upgrade to Apache Hadoop version 3.4.2, which addresses this vulnerability.

Added: Jan 26, 2026, 10:25 AM

Updated: Jan 26, 2026, 3:36 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

7.0

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

10.0

exploitability

7.0

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache Hadoop HDFS Native Client Out-of-Bounds Write Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apache Hadoop HDFS native client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating