hadoop-yarn-server-nodemanager is vulnerable to a privilege escalation. The library does not properly sanitize input from the LinuxContainerExecutor
when running in a docker container, allowing authenticated user to run commands in the container as a root user.
github.com/apache/hadoop/commit/46940d92e2b17c627eb17a9d8fc6cec9c3715592
github.com/apache/hadoop/commit/b46cd315f7c81cfd89be40f1edacaf9a11282e15
github.com/apache/hadoop/compare/394589f38515655b55f9c4fbeaf03f41c0dd1355...b46cd315f7c81cfd89be40f1edacaf9a11282e15
mail-archives.apache.org/mod_mbox/hadoop-user/201706.mbox/%3C4A2FDA56-491B-4C2A-915F-C9D4A4BDB92A%40apache.org%3E