![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – LockBit 3.0 Ransomware – Active IOCs
August 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – LockBit 3.0 Ransomware – Active IOCs
August 27, 2022Severity
High
Analysis Summary
CVE-2022-22728
Apache libapreq2 is vulnerable to a denial of service, caused by a buffer overflow while processing multipart form uploads. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the process to crash, and results in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-22728
Affected Vendors
Apache
Affected Products
- Apache Hadoop 3.0.0-alpha
- Apache Hadoop 2.9.0
- Apache Hadoop 2.10.1
- Apache Hadoop 3.3.0
Remediation
Upgrade to the latest version of Apache Hadoop, available from the Apache Website.