You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Michael Bailey (Jira)" <ji...@apache.org> on 2022/01/22 00:08:00 UTC

[jira] [Commented] (FLINK-25757) Fix this security issue related to this exploit: https://www.exploit-db.com/exploits/48978

    [ https://issues.apache.org/jira/browse/FLINK-25757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17480302#comment-17480302 ] 

Michael Bailey commented on FLINK-25757:
----------------------------------------

[~MartijnVisser]  the exploit here claims to be able to run un-auth'd workloads with their specially crafted jar file:  [https://www.exploit-db.com/exploits/48978]  

> Fix this security issue related to this exploit: https://www.exploit-db.com/exploits/48978
> ------------------------------------------------------------------------------------------
>
>                 Key: FLINK-25757
>                 URL: https://issues.apache.org/jira/browse/FLINK-25757
>             Project: Flink
>          Issue Type: Bug
>            Reporter: Michael Bailey
>            Priority: Critical
>              Labels: security
>
> Fix this security issue related to this exploit: [https://www.exploit-db.com/exploits/48978]
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)