You are viewing a plain text version of this content. The canonical link for it is here.

Posted to hdfs-dev@hadoop.apache.org by "Jayabal Manoharan (Jira)" <ji...@apache.org> on 2022/07/29 10:51:00 UTC

[jira] [Created] (HDFS-16701) Vulnerable with OkhttpClient library of hadoop-client's transitive dependency

Jayabal Manoharan created HDFS-16701:
----------------------------------------

             Summary: Vulnerable with OkhttpClient library of hadoop-client's transitive dependency
                 Key: HDFS-16701
                 URL: https://issues.apache.org/jira/browse/HDFS-16701
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: hadoop-client
    Affects Versions: 3.3.3
            Reporter: Jayabal Manoharan


Due to okhttp 2.7.5 dependency of HDFS client 3.3.3,receiving the vulnerabilities of
 * OkHttp Cached HTTP / HTTP/2 Headers Non-ASCII Character Handling Remote Dos attack
 * OkHttp Non-ASCII ETag Header Handling Remote Dos attack. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org