Directory Security Advisories

Security Advisories

CGA-cxqm-hj3w-8px9

Published

Last updated

https://images.chainguard.dev/security/CGA-cxqm-hj3w-8px9

Package

hadoop-client-modules

Latest Update

Fixed

Fixed Version

3.3.6-r1

Aliases

GHSA-crjg-w57m-rqqf

Severity

6.5

Medium

CVSS V3

Summary

DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks

Description

Impact

Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones.

Patches

Users should upgrade to dnsjava v3.6.0

Workarounds

Although not recommended, only using a non-validating resolver, will remove the vulnerability.

References

https://www.athene-center.de/en/keytrap

References

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

© 2024 Chainguard. All Rights Reserved.

Product

Chainguard Images

Why Chainguard

Container Image Security Vulnerability Remediation Compliance and Risk Mitigation Software Supply Chain Security AI/ML Security

Customers

Customer Stories Chainguard Love

Company

About Us Open Source Careers Newsroom Legal

Resources

Unchained Blog Research Events Trust Center Documentation