/
DirectorySecurity AdvisoriesPricing
Sign inRequest a trial
Security Advisories

CVE-2017-7669

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2017-7669

Severity

7.5

High

CVSS CVSS_V3

Description

In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root.

References

  • https://images.chainguard.dev/security/CGA-cwr2-q95m-c7q6
  • https://github.com/advisories/GHSA-h24p-qwf4-84q8
  • http://www.securityfocus.com/bid/98795
  • https://mail-archives.apache.org/mod_mbox/hadoop-user/201706.mbox/%3C4A2FDA56-491B-4C2A-915F-C9D4A4BDB92A%40apache.org%3E

Affected packages

Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

FedRAMPPCICVE RemediationGolden Images

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegalScanner Partners

Resources

Unchained BlogEventsTrust CenterDocumentation