You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Jayabal Manoharan (Jira)" <ji...@apache.org> on 2022/07/29 10:51:00 UTC
[jira] [Created] (HDFS-16701) Vulnerable with OkhttpClient library of hadoop-client's transitive dependency
Jayabal Manoharan created HDFS-16701:
----------------------------------------
Summary: Vulnerable with OkhttpClient library of hadoop-client's transitive dependency
Key: HDFS-16701
URL: https://issues.apache.org/jira/browse/HDFS-16701
Project: Hadoop HDFS
Issue Type: Bug
Components: hadoop-client
Affects Versions: 3.3.3
Reporter: Jayabal Manoharan
Due to okhttp 2.7.5 dependency of HDFS client 3.3.3,receiving the vulnerabilities of
* OkHttp Cached HTTP / HTTP/2 Headers Non-ASCII Character Handling Remote Dos attack
* OkHttp Non-ASCII ETag Header Handling Remote Dos attack.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org