You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Michael Bailey (Jira)" <ji...@apache.org> on 2022/01/22 00:08:00 UTC
[jira] [Commented] (FLINK-25757) Fix this security issue related to this exploit: https://www.exploit-db.com/exploits/48978
[ https://issues.apache.org/jira/browse/FLINK-25757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17480302#comment-17480302 ]
Michael Bailey commented on FLINK-25757:
----------------------------------------
[~MartijnVisser] the exploit here claims to be able to run un-auth'd workloads with their specially crafted jar file: [https://www.exploit-db.com/exploits/48978]
> Fix this security issue related to this exploit: https://www.exploit-db.com/exploits/48978
> ------------------------------------------------------------------------------------------
>
> Key: FLINK-25757
> URL: https://issues.apache.org/jira/browse/FLINK-25757
> Project: Flink
> Issue Type: Bug
> Reporter: Michael Bailey
> Priority: Critical
> Labels: security
>
> Fix this security issue related to this exploit: [https://www.exploit-db.com/exploits/48978]
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)