Re: Apache flink 1.7.2 security issues

2019-08-13 Thread Timothy Victor
The Flink job manager UI isn't meant to be accessed from outside a firewall I think. Plus I don't think it was designed with security in mind and honestly it doesn't need to in my opinion. If you need security then address your network setup. And if it is still a problem then just turn off the

Re: Apache flink 1.7.2 security issues

2019-08-13 Thread Fabian Hueske
Thanks for reporting this issue. It is already discussed on Flink's dev mailing list in this thread: -> https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E Please continue the discussion there. Thanks, Fabian Am Di., 13. Aug.

Apache flink 1.7.2 security issues

2019-08-13 Thread V N, Suchithra (Nokia - IN/Bangalore)
Hello, We are using Apache Flink 1.7.2 version. During our security scans following issues are reported by our scan tool. Please let us know your comments on these issues. [1] 150085 Slow HTTP POST vulnerability Severity Potential Vulnerability - Level 3 Group Information Disclosure Threat

Re: Apache flink 1.7.2 security issues

2019-08-13 Thread Stephan Ewen
Hi! Thank you for reporting this! At the moment, the Flink REST endpoint is not secure in the way that you can expose it publicly. After all, you can submit Flink jobs to it which by definition support executing arbitrary code. Given that access to the REST endpoint allows by design arbitrary

Apache flink 1.7.2 security issues

2019-08-11 Thread V N, Suchithra (Nokia - IN/Bangalore)
Hello, We are using Apache Flink 1.7.2 version. During our security scans following issues are reported by our scan tool. Please let us know your comments on these issues. [1] 150085 Slow HTTP POST vulnerability Severity Potential Vulnerability - Level 3 Group Information Disclosure Threat