Apache Hbase
5 CVEs affecting Apache Hbase. Latest disclosed: 2019-08-26. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-8025 | High | 8.1 | 2018-06-27 | CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. There is a race-condition which could… |
CVE-2019-15544 | High | 7.5 | 2019-08-26 | An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls. |
CVE-2019-0212 | High | 7.5 | 2019-03-28 | In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Reque… |
CVE-2015-1836 | High | 7.3 | 2015-12-21 | Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other produ… |
CVE-2013-2193 | | 2014-05-29 | Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional… |