Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Who agreed with this topic

Security exposure and impacts of CVE-2017-7525

New Contributor

The CVE-2017-7525 was reported some time ago : https://github.com/FasterXML/jackson-databind/issues/1723.

The vulnerability is found in multiple versions of jackson-databind.

 

Since jackson-databind is a direct dependecy of Spark and other bigdata Apache projects, these projects are surely impacted by this vulnerability.

 

Did you evaluate the security exposure of this vulnerability on CDH ? Was it fixed in new minor versions ?

 

Thanks,

Who agreed with this topic