Nazerke Seidan created SOLR-15355:
-------------------------------------
Summary: CVE-2020-9492: Upgrade hadoop-hdfs-client to 3.2.2
Key: SOLR-15355
URL: https://issues.apache.org/jira/browse/SOLR-15355
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: hdfs, security
Affects Versions: 8.6.2, 8.6
Reporter: Nazerke Seidan
CVE-2020-9492 vuln. issue is found inÂ
*maven:org.apache.hadoop:hadoop-hdfs-client* (version-*3.2.0*) It seems with
the version 3.2.0 hdfs client might send authorization header to remote url
without verification.
(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9492)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
