AI description
CVE-2025-27821 describes an out-of-bounds write vulnerability found in the Apache Hadoop HDFS native client. This flaw specifically resides within the URI parser component of the client. It affects Apache Hadoop versions 3.2.0 through 3.4.1. The vulnerability allows for data to be written beyond the intended memory boundaries when the HDFS native client processes specially crafted Uniform Resource Identifiers (URIs). This memory corruption can lead to unpredictable system behavior, including application crashes or data corruption. The issue was reported by security researcher BUI Ngoc Tan, and Apache has addressed it in version 3.4.2.
- Description
- Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- hadoop
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- security@apache.org
- CWE-787
- Hype score
- Not currently trending
#VulnerabilityReport #ApacheHadoop CVE-2025-27821: Apache Patches Out-of-Bounds Write Flaw in Hadoop HDFS Client https://t.co/uqcdmIgbIJ
@Komodosec
2 Mar 2026
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Hadoop HDFS の脆弱性 CVE-2025-27821 が FIX:システムクラッシュ/データ破損の可能性 https://t.co/0rDjTWFpiL 分散ストレージ・システムである Apache Hadoop のコンポーネント、HDFS ネイティブ・クライアントに深刻な
@iototsecnews
2 Feb 2026
159 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 (CVSS:7.3, HIGH) is Analyzed. Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 bef..https://t.co/MjTu9rrwSp #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
31 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 (CVSS:7.3, HIGH) is Analyzed. Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 bef..https://t.co/MjTu9rrwSp #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
30 Jan 2026
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert: Critical #ApacheHadoop vulnerability (CVE-2025-27821) exposes systems to crashes and data corruption. Upgrade to version 3.4.2 immediately to secure your infrastructure. #Security #Technology Link: https://t.co/RanAfQU1V7 #Vulnerability #Hadoop #CVE #Upgrade https://t.co/g
@dailytechonx
27 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔃 Apache Hadoop HDFS Native Client Vulnerability Allows Crashes and Data Corruption A vulnerability in the Apache Hadoop HDFS native client could cause crashes or data corruption when processing specially crafted URI input. Tracked as CVE-2025-27821, the issue is caused by a
@hackeraffairs
27 Jan 2026
63 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CYBERDUDEBIVASH® PREMIUM INTEL: CVE-2025-27821 Hadoop HDFS Memory Corruption Read the full report on - https://t.co/dOT4dHTKKF https://t.co/y4TDTspkV7
@cyberbivash
26 Jan 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apache Hadoop HDFS Flaw Can Crash Clusters or Corrupt Data via Crafted URIs (CVE-2025-27821) A vulnerability in the HDFS native client URI parser (CVE-2025-27821) affects Hadoop 3.2.0–3.4.1 and can be triggered by maliciously crafted URIs to cause denial-of-service crashes
@ThreatSynop
26 Jan 2026
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade t… https://t.co/W17CY5DXh6
@CVEnew
26 Jan 2026
207 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apache Hadoop HDFS Bug Lets Attackers Crash Services or Corrupt Data via Crafted URIs (CVE-2025-27821) A moderate-severity out-of-bounds write in the HDFS native client URI parser (Hadoop 3.2.0–3.4.1) can be triggered by maliciously crafted URIs to cause DoS crashes or cor
@ThreatSynop
26 Jan 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة في Apache Hadoop HDFS Client إصدار تحديث أمني لـ Apache Hadoop لمعالجة مشكلة Out-of-Bounds Write في عميل HDFS. هذه الثغرة، CVE-2025-27821، قد تسمح بتنفيذ تعليمات برمجية عن بعد. التأث
@MisbarSec
26 Jan 2026
69 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821: Apache Patches Out-of-Bounds Write Flaw in Hadoop HDFS Client https://t.co/0Euvu6OoHo
@Karma_X_Inc
25 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Hadoop HDFS native client flaw CVE-2025-27821 allows out-of-bounds writes. Update to v3.4.2 to prevent crashes and ensure data stability. #ApacheHadoop #HDFS #BigData #CyberSecurity #CVE202527821 #InfoSec #DataLake https://t.co/d90ED36xqd
@the_yellow_fall
25 Jan 2026
291 Impressions
1 Retweet
4 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-27821: Apache Hadoop HDFS native client: Out of bounds write in URI parser https://t.co/PrtMEjVccy
@oss_security
25 Jan 2026
682 Impressions
0 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 CVE-2025-27821 https://t.co/yalZOHbEmQ
@VulmonFeeds
23 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:hadoop:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EED8AAC-78E8-4337-97C1-7C8AAB2E7376",
"versionEndExcluding": "3.4.2",
"versionStartIncluding": "3.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]