[GitHub] [aurora] rdelval closed issue #62: Flag for enabling SLA Aware killing for non-prod tasks

rdelval closed issue #62: Flag for enabling SLA Aware killing for non-prod tasks URL: https://github.com/apache/aurora/issues/62 This is an automated message from the Apache Git Service. To respond to the message, please log

[GitHub] [aurora] rdelval merged pull request #67: Adding flag to enable SLA aware killing for non production workloads.

rdelval merged pull request #67: Adding flag to enable SLA aware killing for non production workloads. URL: https://github.com/apache/aurora/pull/67 This is an automated message from the Apache Git Service. To respond to

[GitHub] [aurora] larrycameron80 opened a new issue #82: Arbitrary Code Injection

larrycameron80 opened a new issue #82: Arbitrary Code Injection URL: https://github.com/apache/aurora/issues/82 Arbitrary Code Injection Vulnerable module: jline:jline Introduced through: org.apache.zookeeper:zookeeper@3.4.8, org.apache.curator:curator-client@2.12.0 and others

[GitHub] [aurora] larrycameron80 opened a new issue #81: Access Control Bypass

larrycameron80 opened a new issue #81: Access Control Bypass URL: https://github.com/apache/aurora/issues/81 Access Control Bypass Vulnerable module: org.apache.zookeeper:zookeeper Introduced through: org.apache.zookeeper:zookeeper@3.4.8, org.apache.curator:curator-client@2.12.0 and

[GitHub] [aurora] larrycameron80 opened a new issue #79: Timing Attack

larrycameron80 opened a new issue #79: Timing Attack URL: https://github.com/apache/aurora/issues/79 Timing Attack Vulnerable module: org.eclipse.jetty:jetty-util Introduced through: org.eclipse.jetty:jetty-servlets@9.3.11.v20160721, org.eclipse.jetty:jetty-server@9.3.11.v20160721

[GitHub] [aurora] larrycameron80 opened a new issue #80: XML External Entity (XXE) Injection

larrycameron80 opened a new issue #80: XML External Entity (XXE) Injection URL: https://github.com/apache/aurora/issues/80 XML External Entity (XXE) Injection Vulnerable module: c3p0:c3p0 Introduced through: org.quartz-scheduler:quartz@2.2.2 Detailed paths Introduced through:

[GitHub] [aurora] larrycameron80 opened a new issue #78: Deserialization of Untrusted Data

larrycameron80 opened a new issue #78: Deserialization of Untrusted Data URL: https://github.com/apache/aurora/issues/78 Deserialization of Untrusted Data Vulnerable module: com.fasterxml.jackson.core:jackson-databind Introduced through:

[GitHub] [aurora] larrycameron80 opened a new issue #76: Denial of Service (DoS)

larrycameron80 opened a new issue #76: Denial of Service (DoS) URL: https://github.com/apache/aurora/issues/76 Denial of Service (DoS) Vulnerable module: org.apache.zookeeper:zookeeper Introduced through: org.apache.zookeeper:zookeeper@3.4.8, org.apache.curator:curator-client@2.12.0

[GitHub] [aurora] larrycameron80 opened a new issue #75: Cache Poisoning

larrycameron80 opened a new issue #75: Cache Poisoning URL: https://github.com/apache/aurora/issues/75 Cache Poisoning Vulnerable module: org.eclipse.jetty:jetty-server Introduced through: org.eclipse.jetty:jetty-server@9.3.11.v20160721,

[GitHub] [aurora] larrycameron80 opened a new issue #77: Deserialization of Untrusted Data

larrycameron80 opened a new issue #77: Deserialization of Untrusted Data URL: https://github.com/apache/aurora/issues/77 Deserialization of Untrusted Data Vulnerable module: com.fasterxml.jackson.core:jackson-databind Introduced through:

[GitHub] [aurora] rdelval closed issue #79: Timing Attack

rdelval closed issue #79: Timing Attack URL: https://github.com/apache/aurora/issues/79 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go

[GitHub] [aurora] rdelval closed issue #84: Information Exposure

rdelval closed issue #84: Information Exposure URL: https://github.com/apache/aurora/issues/84 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #71: Authentication Bypass

rdelval closed issue #71: Authentication Bypass URL: https://github.com/apache/aurora/issues/71 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #77: Deserialization of Untrusted Data

rdelval closed issue #77: Deserialization of Untrusted Data URL: https://github.com/apache/aurora/issues/77 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use

[GitHub] [aurora] rdelval closed issue #85: Unsafe Dependancy Resolution

rdelval closed issue #85: Unsafe Dependancy Resolution URL: https://github.com/apache/aurora/issues/85 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the

[GitHub] [aurora] rdelval closed issue #81: Access Control Bypass

rdelval closed issue #81: Access Control Bypass URL: https://github.com/apache/aurora/issues/81 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #76: Denial of Service (DoS)

rdelval closed issue #76: Denial of Service (DoS) URL: https://github.com/apache/aurora/issues/76 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #83: Directory Traversal

rdelval closed issue #83: Directory Traversal URL: https://github.com/apache/aurora/issues/83 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above

[GitHub] [aurora] rdelval closed issue #73: Authorization Bypass

rdelval closed issue #73: Authorization Bypass URL: https://github.com/apache/aurora/issues/73 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #82: Arbitrary Code Injection

rdelval closed issue #82: Arbitrary Code Injection URL: https://github.com/apache/aurora/issues/82 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #75: Cache Poisoning

rdelval closed issue #75: Cache Poisoning URL: https://github.com/apache/aurora/issues/75 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to

[GitHub] [aurora] rdelval closed issue #74: Cache Poisoning

rdelval closed issue #74: Cache Poisoning URL: https://github.com/apache/aurora/issues/74 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to

[GitHub] [aurora] rdelval closed issue #78: Deserialization of Untrusted Data

rdelval closed issue #78: Deserialization of Untrusted Data URL: https://github.com/apache/aurora/issues/78 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use

[GitHub] [aurora] rdelval closed issue #70: Arbitrary Code Execution during Deserialization

rdelval closed issue #70: Arbitrary Code Execution during Deserialization URL: https://github.com/apache/aurora/issues/70 This is an automated message from the Apache Git Service. To respond to the message, please log on to

[GitHub] [aurora] rdelval closed issue #72: Authorization Bypass

rdelval closed issue #72: Authorization Bypass URL: https://github.com/apache/aurora/issues/72 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL

[GitHub] [aurora] rdelval closed issue #86: XML External Entity (XXE) Injection

rdelval closed issue #86: XML External Entity (XXE) Injection URL: https://github.com/apache/aurora/issues/86 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and

[GitHub] [aurora] rdelval closed issue #80: XML External Entity (XXE) Injection

rdelval closed issue #80: XML External Entity (XXE) Injection URL: https://github.com/apache/aurora/issues/80 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and

[GitHub] [aurora] larrycameron80 opened a new issue #72: Authorization Bypass

larrycameron80 opened a new issue #72: Authorization Bypass URL: https://github.com/apache/aurora/issues/72 Authorization Bypass Vulnerable module: org.eclipse.jetty:jetty-client Introduced through: org.eclipse.jetty:jetty-rewrite@9.3.11.v20160721 Detailed paths Introduced

[GitHub] [aurora] larrycameron80 opened a new issue #73: Authorization Bypass

larrycameron80 opened a new issue #73: Authorization Bypass URL: https://github.com/apache/aurora/issues/73 Authorization Bypass Vulnerable module: org.eclipse.jetty:jetty-server Introduced through: org.eclipse.jetty:jetty-server@9.3.11.v20160721,

[GitHub] [aurora] larrycameron80 opened a new issue #70: Arbitrary Code Execution during Deserialization

larrycameron80 opened a new issue #70: Arbitrary Code Execution during Deserialization URL: https://github.com/apache/aurora/issues/70 Arbitrary Code Execution during Deserialization Vulnerable module: org.beanshell:bsh Introduced through: org.asynchttpclient:async-http-client@2.0.37

[GitHub] [aurora] larrycameron80 opened a new issue #71: Authentication Bypass

larrycameron80 opened a new issue #71: Authentication Bypass URL: https://github.com/apache/aurora/issues/71 Authentication Bypass Vulnerable module: org.apache.zookeeper:zookeeper Introduced through: org.apache.zookeeper:zookeeper@3.4.8, org.apache.curator:curator-client@2.12.0 and

[GitHub] [aurora] rdelval commented on issue #69: Updating relese notes and scheduler documentation

rdelval commented on issue #69: Updating relese notes and scheduler documentation URL: https://github.com/apache/aurora/pull/69#issuecomment-532005374 thanks @mauri ! This is an automated message from the Apache Git Service.

[GitHub] [aurora] rdelval merged pull request #69: Updating relese notes and scheduler documentation

rdelval merged pull request #69: Updating relese notes and scheduler documentation URL: https://github.com/apache/aurora/pull/69 This is an automated message from the Apache Git Service. To respond to the message, please

[GitHub] [aurora] larrycameron80 opened a new issue #83: Directory Traversal

larrycameron80 opened a new issue #83: Directory Traversal URL: https://github.com/apache/aurora/issues/83 Directory Traversal Vulnerable module: org.apache.shiro:shiro-web Introduced through: org.apache.shiro:shiro-web@1.4.0 Detailed paths Introduced through:

[GitHub] [aurora] larrycameron80 opened a new issue #85: Unsafe Dependancy Resolution

larrycameron80 opened a new issue #85: Unsafe Dependancy Resolution URL: https://github.com/apache/aurora/issues/85 Unsafe Dependancy Resolution Vulnerable module: com.beust:jcommander Introduced through: com.beust:jcommander@1.72 and org.asynchttpclient:async-http-client@2.0.37

[GitHub] [aurora] larrycameron80 opened a new issue #86: XML External Entity (XXE) Injection

larrycameron80 opened a new issue #86: XML External Entity (XXE) Injection URL: https://github.com/apache/aurora/issues/86 XML External Entity (XXE) Injection Vulnerable module: org.quartz-scheduler:quartz Introduced through: org.quartz-scheduler:quartz@2.2.2 Detailed paths