Hadoop Map/Reduce
  1. Hadoop Map/Reduce
  2. MAPREDUCE-3804

yarn webapp interface vulnerable to cross scripting attacks

    Details

    • Target Version/s:
    • Hadoop Flags:
      Reviewed
    • Release Note:
      fix cross scripting attacks vulnerability through webapp interface.

      Description

      Yarn webapp interface may be vulnerable to certain cross scripting attacks, injected through URL request.

      1. MAPREDUCE-3804.patch
        2 kB
        Dave Thompson
      2. MAPREDUCE-3804.patch
        1 kB
        Dave Thompson
      3. MAPREDUCE_3804_br_0.23.0.patch
        1 kB
        Dave Thompson

        Activity

        Dave Thompson created issue -
        Dave Thompson made changes -
        Field Original Value New Value
        Attachment MAPREDUCE_3804_br_0.23.0.patch [ 12513188 ]
        Dave Thompson made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Hadoop Flags Reviewed [ 10343 ]
        Release Note fix cross scripting attacks vulnerability through webapp interface.
        Target Version/s 0.23.1 [ 12318883 ]
        Dave Thompson made changes -
        Attachment MAPREDUCE-3804.patch [ 12513191 ]
        Mahadev konar made changes -
        Component/s mrv2 [ 12314301 ]
        Mahadev konar made changes -
        Status Patch Available [ 10002 ] Open [ 1 ]
        Dave Thompson made changes -
        Attachment MAPREDUCE-3804.patch [ 12513499 ]
        Dave Thompson made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Robert Joseph Evans made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Arun C Murthy made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Dave Thompson
            Reporter:
            Dave Thompson
          • Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development