You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@datalab.apache.org by "Vira Vitanska (Jira)" <ji...@apache.org> on 2022/07/25 07:42:00 UTC
[jira] [Created] (DATALAB-2941) [GCP][AWS]Get rid of vulnerabilities with respect to the policy
Vira Vitanska created DATALAB-2941:
--------------------------------------
Summary: [GCP][AWS]Get rid of vulnerabilities with respect to the policy
Key: DATALAB-2941
URL: https://issues.apache.org/jira/browse/DATALAB-2941
Project: Apache DataLab
Issue Type: Task
Security Level: Public (Regular Issues)
Components: DataLab Main
Reporter: Vira Vitanska
Assignee: Leonid Frolov
AWS
Keycloak production:
Steps to reproduce:
1. Craft the link with payload replacing the value of \{hook} on IP-address of machine you control.
2. Paste crafted link in web browser.
3. On your controlled machine you can see that connection was successful as shown on the screenshot (in this case burp collaborator was used and you can see callback dns request for our payload).
----
GCP
Ensure that Google Cloud Storage objects are using a lifecycle configuration for cost management
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@datalab.apache.org
For additional commands, e-mail: dev-help@datalab.apache.org