Description
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Remediation
References
http://mail-archives.apache.org/mod_mbox/hadoop-general/201701.mbox/%3C0ed32746-5a53-9051-5877-2b1abd88beb6%40apache.org%3E
http://www.securityfocus.com/bid/95335
Related Vulnerabilities
CVE-2020-1947 Vulnerability in maven package org.apache.shardingsphere:shardingsphere
CVE-2023-37909 Vulnerability in maven package org.xwiki.platform:xwiki-platform-menu-ui
CVE-2023-37277 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-war
CVE-2023-26488 Vulnerability in npm package @openzeppelin/contracts