Description
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
Remediation
References
http://mail-archives.apache.org/mod_mbox/hadoop-general/201701.mbox/%3C0ed32746-5a53-9051-5877-2b1abd88beb6%40apache.org%3E
http://www.securityfocus.com/bid/95335
Related Vulnerabilities
CVE-2023-26140 Vulnerability in npm package @excalidraw/excalidraw
CVE-2023-27474 Vulnerability in npm package directus
CVE-2022-31183 Vulnerability in maven package co.fs2:fs2-io_sjs1_2.12
CVE-2023-22621 Vulnerability in npm package @strapi/plugin-users-permissions
CVE-2023-42277 Vulnerability in maven package cn.hutool:hutool-core