Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-36106: 假诗人/PowerJob

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.

CVE
#vulnerability#apache#git#java

README.md

English | 简体中文

PowerJob is an open-source distributed computing and job scheduling framework which allows developers to easily schedule tasks in their own application.

Refer to PowerJob Introduction for detailed information.

Introduction****Features

  • Friendly UI: Front-end page is provided and developers can manage their task, monitor the status, check the logs online, etc.

  • Abundant Timing Strategies: Four timing strategies are supported, including CRON expression, fixed rate, fixed delay and OpenAPI which allows you to define your own scheduling policies, such as delaying execution.

  • Multiple Execution Mode: Four execution modes are supported, including stand-alone, broadcast, Map and MapReduce. Distributed computing resource could be utilized in MapReduce mode, try the magic out here!

  • Workflow(DAG) Support: Both job dependency management and data communications between jobs are supported.

  • Extensive Processor Support: Developers can write their processors in Java, Shell, Python, and will subsequently support multilingual scheduling via HTTP.

  • Powerful Disaster Tolerance: As long as there are enough computing nodes, configurable retry policies make it possible for your task to be executed and finished successfully.

  • High Availability & High Performance: PowerJob supports unlimited horizontal expansion. It’s easy to achieve high availability and performance by deploying as many PowerJob server and worker nodes.

Applicable scenes

  • Timed tasks, for example, allocating e-coupons on 9 AM every morning.
  • Broadcast tasks, for example, broadcasting to the cluster to clear logs.
  • MapReduce tasks, for example, speeding up certain job like updating large amounts of data.
  • Delayed tasks, for example, processing overdue orders.
  • Customized tasks, triggered with OpenAPI.

Online trial

  • Address: try.powerjob.tech
  • Recommend reading the documentation first: here

Documents

Docs

中文文档

Known Users

Click to register as PowerJob user!
ღ( ´・ᴗ・` )ღ Many thanks to the following registered users. ღ( ´・ᴗ・` )ღ

Stargazers over time

License

PowerJob is released under Apache License 2.0. Please refer to License for details.

Others

  • Any developer interested in getting more involved in PowerJob may join our Reddit or Gitter community and make contributions!

  • Reach out to me through email [email protected]. Any issues or questions are welcomed on Issues.

  • Look forward to your opinions. Response may be late but not denied.

Related news

GHSA-443m-3fr6-w8wj: PowerJob incorrect access control vulnerability

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via `appId` parameter to `/container/list`.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907