[jira] [Commented] (SPARK-31765) Upgrade HtmlUnit >= 2.37.0

Gengliang Wang (Jira) Thu, 21 May 2020 11:45:32 -0700


    [ 
https://issues.apache.org/jira/browse/SPARK-31765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17113460#comment-17113460
 ]


Gengliang Wang commented on SPARK-31765:
----------------------------------------

This issue is resolved in https://github.com/apache/spark/pull/28585

> Upgrade HtmlUnit >= 2.37.0
> --------------------------
>
>                 Key: SPARK-31765
>                 URL: https://issues.apache.org/jira/browse/SPARK-31765
>             Project: Spark
>          Issue Type: Improvement
>          Components: Web UI
>    Affects Versions: 3.1.0
>            Reporter: Kousuke Saruta
>            Assignee: Kousuke Saruta
>            Priority: Major
>
> Recently, a security issue which affects HtmlUnit is reported.
> [https://nvd.nist.gov/vuln/detail/CVE-2020-5529]
> According to the report, arbitrary code can be run by malicious users.
> HtmlUnit is used for test so the impact might not be large but it's better to 
> upgrade it just in case.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

[jira] [Commented] (SPARK-31765) Upgrade HtmlUnit >= 2.37.0

Reply via email to