You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@seatunnel.apache.org by "prohk (via GitHub)" <gi...@apache.org> on 2023/09/11 14:35:22 UTC

[GitHub] [seatunnel] prohk opened a new issue, #5463: [Bug] [seatunnel-web] seatunnel-web security vulnerability

prohk opened a new issue, #5463:
URL: https://github.com/apache/seatunnel/issues/5463

   ### Search before asking
   
   - [X] I had searched in the [issues](https://github.com/apache/seatunnel/issues?q=is%3Aissue+label%3A%22bug%22) and found no similar issues.
   
   
   ### What happened
   
   I have reported two high-risk issue of **seatunnel-web permission bypass and remote code execution** to security@apache.org, but there has been no response from the team. 
   
   As a security researcher, I need to remind you that Some people have deployed websites on the Internet, which is very dangerous. And this is not for personal gain, it is for the community!
   
   So it's time to fix this problem, any updates can u reply me from email? thanks bro
   
   ### SeaTunnel Version
   
   2.3.3
   
   ### SeaTunnel Config
   
   ```conf
   none
   ```
   
   
   ### Running Command
   
   ```shell
   none
   ```
   
   
   ### Error Exception
   
   ```log
   none
   ```
   
   
   ### Zeta or Flink or Spark Version
   
   _No response_
   
   ### Java or Scala Version
   
   _No response_
   
   ### Screenshots
   
   _No response_
   
   ### Are you willing to submit PR?
   
   - [X] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [seatunnel] EricJoy2048 commented on issue #5463: [Bug] [seatunnel-web] seatunnel-web security vulnerability

Posted by "EricJoy2048 (via GitHub)" <gi...@apache.org>.

EricJoy2048 commented on issue #5463:
URL: https://github.com/apache/seatunnel/issues/5463#issuecomment-1715232550

   Thanks for you report, The PMC members are verifying those issues. When the issue is verified, you will receive an email reply.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [seatunnel] EricJoy2048 closed issue #5463: [Bug] [seatunnel-web] seatunnel-web security vulnerability

Posted by "EricJoy2048 (via GitHub)" <gi...@apache.org>.

EricJoy2048 closed issue #5463: [Bug] [seatunnel-web] seatunnel-web security vulnerability
URL: https://github.com/apache/seatunnel/issues/5463


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@seatunnel.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org