Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Security exposure and impacts of CVE-2017-7525

Highlighted

Security exposure and impacts of CVE-2017-7525

New Contributor

The CVE-2017-7525 was reported some time ago : https://github.com/FasterXML/jackson-databind/issues/1723.

The vulnerability is found in multiple versions of jackson-databind.

 

Since jackson-databind is a direct dependecy of Spark and other bigdata Apache projects, these projects are surely impacted by this vulnerability.

 

Did you evaluate the security exposure of this vulnerability on CDH ? Was it fixed in new minor versions ?

 

Thanks,

Don't have an account?
Coming from Hortonworks? Activate your account here