Skip to main content

Hbase

5 CVEs product

Monthly

CVE-2019-15544 Cargo HIGH PATCH This Week

An issue was discovered in the protobuf crate before 2.6.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rust Protobuf Hbase
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2019-0212 Maven HIGH PATCH This Week

In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Apache Hbase
NVD
CVSS 3.0
7.5
EPSS
3.9%
CVE-2018-8025 Maven HIGH PATCH This Week

CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Atlassian Apache Information Disclosure Hbase
NVD
CVSS 3.0
8.1
EPSS
1.8%
CVE-2015-1836 Maven HIGH PATCH This Week

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Apache Denial Of Service Authentication Bypass Infosphere Biginsights +1
NVD
CVSS 3.0
7.3
EPSS
2.1%
CVE-2013-2193 MEDIUM This Month

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive. Rated medium severity (CVSS 4.3). No vendor patch available.

Apache Authentication Bypass Hbase
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 4% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the protobuf crate before 2.6.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rust Protobuf Hbase
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Apache Hbase
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Atlassian Apache +2
NVD
EPSS 2% CVSS 7.3
HIGH PATCH This Week

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Apache Denial Of Service +3
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive. Rated medium severity (CVSS 4.3). No vendor patch available.

Apache Authentication Bypass Hbase
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy