Google Git
Sign in
apache / shardingsphere-doc / 2d0b088a7ab31cf8233d83ad7ba20c97a3defaa5 / . / community / en / security / index.html
blob: 3039a2f8a4e81b0818b7ab1a3c7409d91019f3f1 [file] [log] [blame]
<!DOCTYPE html>
<html lang="en" class="js csstransforms3d">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<meta name="generator" content="Hugo 0.70.0" />
<meta name="description" content="">
<meta name="buildDate" content="2023-06-08 18:34:29">
<link rel="shortcut icon" href="https://shardingsphere.apache.org/document/current/img/favicon.png" type="image/x-icon" />
<title>Security :: ShardingSphere</title>
<link href="https://shardingsphere.apache.org/community/css/nucleus.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/font-awesome.min.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/hybrid.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/featherlight.min.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/perfect-scrollbar.min.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/auto-complete.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/theme.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/hugo-theme.css?1686220469" rel="stylesheet">
<link href="https://shardingsphere.apache.org/community/css/theme-white.css?1686220469" rel="stylesheet">
<script src="https://shardingsphere.apache.org/community/js/jquery-2.x.min.js?1686220469"></script>
<script>
var _hmt = _hmt || [];
(function() {
var hm = document.createElement("script");
hm.src = "https://hm.baidu.com/hm.js?d5a1dc8dcf63a64ee55b80de01c7fb1a";
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(hm, s);
})();
</script>
<script async src="https://www.googletagmanager.com/gtag/js?id=G-HPVGEN405S"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){window.dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-HPVGEN405S');
</script>
<style type="text/css">
:root #header + #content > #left > #rlblock_left{
display:none !important;
}
</style>
</head>
<body class="" data-url="/en/security/">
<div class="change-theme">
<div class="wrap">
<span data-item="retro">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Retro
</span>
<span data-item="eyehelp">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Eye care
</span>
<span data-item="haitian">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Haitian
</span>
<span data-item="deep">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Deep
</span>
<span data-item="dark">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Dark
</span>
<span class="active">
<svg t="1649761460834" class="icon" viewBox="0 0 1243 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2052" width="16" height="16"><path d="M755.093336 61.436797a511.973304 511.973304 0 1 0 207.495466 693.650688l-99.615377-53.757197a398.827204 398.827204 0 1 1-161.637286-540.351253l53.757197-99.615378z" fill="#ffffff" p-id="2053"></path><path d="M1204.971593 188.84501L534.652259 736.217612l-285.242269-364.086159 86.304071-67.653615 216.199012 275.953611 583.649567-476.574007 69.335813 84.987568z" fill="#ffffff" p-id="2054"></path></svg>
Default
</span>
</div>
</div>
<header>
<div class="wrap">
<a href="https://shardingsphere.apache.org/"><img src="https://shardingsphere.apache.org/document/current/img/logo_v3.png" /></a>
<section id="prefooter">
<ul>
<li>
<a class="padding">
<i class="fa fa-fw fa-language"></i>
<div class="select-style">
<select id="select-language" onchange="location = this.value;">
<option id="en" value="/community/en/security/" selected>English</option>
<option id="cn" value="/community/cn/security/">简体中文</option>
</select>
<svg t="1645437162166" class="icon" viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="2449" width="32" height="32"><path d="M483.072 714.496l30.165333 30.208 415.957334-415.829333a42.837333 42.837333 0 0 0 0-60.288 42.538667 42.538667 0 0 0-60.330667-0.042667l-355.541333 355.413333-355.242667-355.413333a42.496 42.496 0 0 0-60.288 0 42.837333 42.837333 0 0 0-0.085333 60.330667l383.701333 383.872 1.706667 1.749333z" fill="#3D3D3D" p-id="2450"></path></svg>
</div>
</a>
</li>
</ul>
</section>
</div>
</header>
<div class="wrap">
<nav id="sidebar" class="">
<div id="header-wrapper">
<div class="searchbox">
<label for="search-by"><i class="fa fa-search"></i></label>
<input data-search-input id="search-by" type="text" placeholder="Search...">
<span data-search-clear=""><i class="fa fa-close"></i></span>
</div>
<script type="text/javascript" src="https://shardingsphere.apache.org/community/js/lunr.min.js?1686220469"></script>
<script type="text/javascript" src="https://shardingsphere.apache.org/community/js/auto-complete.js?1686220469"></script>
<script type="text/javascript">
var baseurl = "\/en";
</script>
<script type="text/javascript" src="https://shardingsphere.apache.org/community/js/search.js?1686220469"></script>
</div>
<div class="highlightable">
<div class="leftMenu">
<ul class="topics">
<li data-nav-id="/en/involved/" title="Get Involved" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/involved/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg class="icon icon-down"
style="display: none;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M500.8 604.778667L267.306667 371.392l-45.226667 45.269333 278.741333 278.613334 278.485334-278.613334-45.248-45.248z" p-id="5376" ></path>
</svg>
<svg class="icon icon-right"
style="display: inline-block;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M593.450667 512.128L360.064 278.613333l45.290667-45.226666 278.613333 278.762666L405.333333 790.613333l-45.226666-45.269333z" p-id="5605" ></path>
</svg>
</i>
<b>1. </b>Get Involved
</a>
<ul>
<li data-nav-id="/en/involved/subscribe/" title="Subscribe Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/subscribe/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Subscribe Guide
</a>
</li>
<li data-nav-id="/en/involved/contribute/" title="Contribute Guide" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/involved/contribute/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg class="icon icon-down"
style="display: none;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M500.8 604.778667L267.306667 371.392l-45.226667 45.269333 278.741333 278.613334 278.485334-278.613334-45.248-45.248z" p-id="5376" ></path>
</svg>
<svg class="icon icon-right"
style="display: inline-block;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M593.450667 512.128L360.064 278.613333l45.290667-45.226666 278.613333 278.762666L405.333333 790.613333l-45.226666-45.269333z" p-id="5605" ></path>
</svg>
</i>
Contribute Guide
</a>
<ul>
<li data-nav-id="/en/involved/contribute/contributor/" title="Contributor Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/contribute/contributor/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Contributor Guide
</a>
</li>
<li data-nav-id="/en/involved/contribute/dev-env/" title="How to Set Up Your DEV Environment" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/contribute/dev-env/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
How to Set Up Your DEV Environment
</a>
</li>
<li data-nav-id="/en/involved/contribute/document/" title="Documents Contribute Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/contribute/document/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Documents Contribute Guide
</a>
</li>
</ul>
</li>
<li data-nav-id="/en/involved/conduct/" title="Contribution Conduct" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/involved/conduct/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg class="icon icon-down"
style="display: none;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M500.8 604.778667L267.306667 371.392l-45.226667 45.269333 278.741333 278.613334 278.485334-278.613334-45.248-45.248z" p-id="5376" ></path>
</svg>
<svg class="icon icon-right"
style="display: inline-block;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M593.450667 512.128L360.064 278.613333l45.290667-45.226666 278.613333 278.762666L405.333333 790.613333l-45.226666-45.269333z" p-id="5605" ></path>
</svg>
</i>
Contribution Conduct
</a>
<ul>
<li data-nav-id="/en/involved/conduct/issue/" title="Issue of Conduct" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/conduct/issue/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Issue of Conduct
</a>
</li>
<li data-nav-id="/en/involved/conduct/code/" title="Code of Conduct" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/conduct/code/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Code of Conduct
</a>
</li>
<li data-nav-id="/en/involved/conduct/document/" title="Document of Conduct" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/conduct/document/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Document of Conduct
</a>
</li>
</ul>
</li>
<li data-nav-id="/en/involved/committer/" title="Committer Guide" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/involved/committer/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg class="icon icon-down"
style="display: none;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M500.8 604.778667L267.306667 371.392l-45.226667 45.269333 278.741333 278.613334 278.485334-278.613334-45.248-45.248z" p-id="5376" ></path>
</svg>
<svg class="icon icon-right"
style="display: inline-block;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M593.450667 512.128L360.064 278.613333l45.290667-45.226666 278.613333 278.762666L405.333333 790.613333l-45.226666-45.269333z" p-id="5605" ></path>
</svg>
</i>
Committer Guide
</a>
<ul>
<li data-nav-id="/en/involved/committer/responsibilities/" title="Responsibilities &amp; Routine" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/committer/responsibilities/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Responsibilities &amp; Routine
</a>
</li>
<li data-nav-id="/en/involved/committer/vote/" title="New committer voting process" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/committer/vote/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
New committer voting process
</a>
</li>
<li data-nav-id="/en/involved/committer/icla/" title="Sign ICLA Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/committer/icla/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
Sign ICLA Guide
</a>
</li>
<li data-nav-id="/en/involved/committer/2fa/" title="2FA" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/committer/2fa/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
2FA
</a>
</li>
</ul>
</li>
<li data-nav-id="/en/involved/release/" title="Release Guide" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/involved/release/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg class="icon icon-down"
style="display: none;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M500.8 604.778667L267.306667 371.392l-45.226667 45.269333 278.741333 278.613334 278.485334-278.613334-45.248-45.248z" p-id="5376" ></path>
</svg>
<svg class="icon icon-right"
style="display: inline-block;"
viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="#777">
<path d="M593.450667 512.128L360.064 278.613333l45.290667-45.226666 278.613333 278.762666L405.333333 790.613333l-45.226666-45.269333z" p-id="5605" ></path>
</svg>
</i>
Release Guide
</a>
<ul>
<li data-nav-id="/en/involved/release/shardingsphere/" title="ShardingSphere Release Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/release/shardingsphere/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
ShardingSphere Release Guide
</a>
</li>
<li data-nav-id="/en/involved/release/shardingsphere-on-cloud/" title="ShardingSphere on Cloud Release Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/release/shardingsphere-on-cloud/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
ShardingSphere on Cloud Release Guide
</a>
</li>
<li data-nav-id="/en/involved/release/elasticjob/" title="ElasticJob Release Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/release/elasticjob/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
ElasticJob Release Guide
</a>
</li>
<li data-nav-id="/en/involved/release/elasticjob-ui/" title="ElasticJob UI Release Guide" class="dd-item ">
<a href="https://shardingsphere.apache.org/community/en/involved/release/elasticjob-ui/">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
ElasticJob UI Release Guide
</a>
</li>
</ul>
</li>
</ul>
</li>
<li data-nav-id="/en/powered-by/" title="Powered By ShardingSphere" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/powered-by/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
</i>
<b>2. </b>Powered By ShardingSphere
</a>
</li>
<li data-nav-id="/en/team/" title="Team" class="dd-item
">
<a href="https://shardingsphere.apache.org/community/en/team/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
</i>
<b>3. </b>Team
</a>
</li>
<li data-nav-id="/en/security/" title="Security" class="dd-item
parent
active
">
<a href="https://shardingsphere.apache.org/community/en/security/">
<i class="collapse" style="display:inline; font-family:'courier';">
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="5375" width="20" height="20"></svg>
</i>
<b>4. </b>Security
</a>
</li>
</ul>
</div>
<a class="padding" href="https://shardingsphere.apache.org/pdf/shardingsphere_docs_en.pdf">
Download PDF
</a>
<section id="footer">
<p></p>
</section>
</div>
</nav>
<section id="body">
<div id="overlay"></div>
<div class="padding highlightable">
<div>
<div id="top-bar">
<div id="top-github-link">
<a class="github-link" title='Edit this page' href="https://github.com/apache/shardingsphere/tree/master/docs/community/content/security/_index.en.md" target="blank">
<i class="fa fa-code-fork"></i>
<span id="top-github-link-text">Edit this page</span>
</a>
</div>
<div id="breadcrumbs" itemscope="" itemtype="http://data-vocabulary.org/Breadcrumb">
<span id="sidebar-toggle-span">
<a href="#" id="sidebar-toggle" data-sidebar-toggle="">
<i class="fa fa-bars"></i>
</a>
</span>
<span class="links">
<a href='https://shardingsphere.apache.org/community/en/'>ShardingSphere</a> > Security
</span>
</div>
</div>
</div>
<div id="chapter">
<div id="body-inner">
<nav id="TableOfContents"></nav>
<p>The Apache Software Foundation takes a rigorous stance on eliminating security issues in its software projects.
Likewise, Apache ShardingSphere is also vigilant and takes security issues related to its features and functionality into the highest consideration.</p>
<p>If you have any concerns regarding ShardingSphere’s security, or you discover a vulnerability or potential threat, please don’t hesitate to get in touch with the <a href="http://www.apache.org/security/">Apache Security Team</a> by dropping an email at <a href="mailto:security@apache.org">security@apache.org</a>.</p>
<p>Please specify the project name as &ldquo;ShardingSphere&rdquo; and its product name &ldquo;ShardingSphere-JDBC&rdquo; or &ldquo;ShardingSphere-Proxy&rdquo; in the email, and provide a description of the relevant problem or potential threat.
You are also urged to recommend how to reproduce and replicate the issue.</p>
<p>The Apache Security Team and the ShardingSphere community will get back to you after assessing and analyzing the findings.</p>
<p><strong>Please note</strong> that the security issue should be reported on the security email first, before disclosing it on any public domain.</p>
<p>ShardingSphere-JDBC does not directly provide external services, and users need to write code to use it. Due to the complexity and variety of user scenarios, ShardingSphere cannot control how users write code that uses ShardingSphere-JDBC. Therefore, the ShardingSphere community <strong>does not accept any security issue reports that ShardingSphere-JDBC is exploited due to improper use</strong>.
For example, the user introduced MySQL Connector/J with security vulnerabilities in the project, and trusted the externally input JDBC URL as the data source configuration of ShardingSphere-JDBC.</p>
<p>ShardingSphere-Proxy provides external services through database protocol and provides authentication method based on user password. Users need to ensure the security of user passwords by themselves. Therefore, the ShardingSphere community <strong>does not accept any security issue report that presupposes that the attacker knows the ShardingSphere-Proxy user password</strong>.</p>
<p>ShardingSphere cluster mode relies on middleware such as ZooKeeper, and trusts the middleware provided by users. For the security protection of middleware such as ZooKeeper, users need to protect themselves. Therefore, the ShardingSphere community <strong>does not accept security issue reports that ShardingSphere is exploited due to middleware such as ZooKeeper being attacked</strong>.</p>
<p>Third-party dependency security advice:
For dependencies that are not included by default in the ShardingSphere release version, users are required to ensure the security of dependencies.
For example, the release version of ShardingSphere does not include MySQL Connector/J by default, so ShardingSphere does not accept any security issue report that ShardingSphere is exploited due to the vulnerability of MySQL Connector/J itself.
The same is true for dependencies that are not included by default in other ShardingSphere releases.</p>
<p>Security recommendations for the ShardingSphere subproject:
Since ShardingSphere-UI is no longer maintained, the ShardingSphere community <strong>will no longer accept any security issue reports related to ShardingSphere-UI</strong>.</p>
<p>ElasticJob relies on ZooKeeper and trusts the ZooKeeper provided by the user. For the security protection of middleware such as ZooKeeper, users need to protect themselves. Therefore, the ShardingSphere community <strong>does not accept the security issue report of ElasticJob being exploited due to ZooKeeper attack</strong>.</p>
<p>ElasticJob-UI aims to provide users with a convenient job management and control platform. The platform provides services to developers and operation and maintenance personnel, not directly to Internet users. It is recommended that users deploy only on the intranet and avoid leakage of user passwords. The ShardingSphere community <strong>does not accept any security issue reports that presuppose that the attacker knows the user&rsquo;s password</strong>.</p>
<p>Before submitting a security issue report, please refer to the CVEs released by ShardingSphere and its sub-projects in the past to avoid repeated submissions.</p>
<p>ShardingSphere:
<a href="https://www.cve.org/CVERecord?id=CVE-2020-1947">CVE-2020-1947</a></p>
<p>ShardingSphere-UI:
<a href="https://www.cve.org/CVERecord?id=CVE-2021-26558">CVE-2021-26558</a></p>
<p>ElasticJob-UI
<a href="https://www.cve.org/CVERecord?id=CVE-2022-22733">CVE-2022-22733</a>
<a href="https://www.cve.org/CVERecord?id=CVE-2022-31764">CVE-2022-31764</a></p>
<footer class=" footline" >
</footer>
</div>
</div>
</div>
<div id="navigation" >
<a class="nav nav-prev" href="https://shardingsphere.apache.org/community/en/team/" title="Team"> <i class="fa fa-long-arrow-left fa-lg"></i> Previous</a>
<a class="nav nav-next" href="https://shardingsphere.apache.org/community/en/involved/" title="Get Involved" style="margin-right: 0px;">Next<i class="fa fa-long-arrow-right fa-lg"></i></a>
</div>
</section>
</div>
<div style="left: -1000px; overflow: scroll; position: absolute; top: -1000px; border: none; box-sizing: content-box; height: 200px; margin: 0px; padding: 0px; width: 200px;">
<div style="border: none; box-sizing: content-box; height: 200px; margin: 0px; padding: 0px; width: 200px;"></div>
</div>
<script src="https://shardingsphere.apache.org/community/js/clipboard.min.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/perfect-scrollbar.min.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/perfect-scrollbar.jquery.min.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/jquery.sticky.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/featherlight.min.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/html5shiv-printshiv.min.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/highlight.pack.js?1686220469"></script>
<script>hljs.initHighlightingOnLoad();</script>
<script src="https://shardingsphere.apache.org/community/js/modernizr.custom.71422.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/learn.js?1686220469"></script>
<script src="https://shardingsphere.apache.org/community/js/hugo-learn.js?1686220469"></script>
<script>
try{
function log(fileName, category, locale){
window._hmt.push(['_trackEvent', 'document', 'download', locale ? 'PDF_'+locale : fileName]);
gtag('event', 'Downloads', {
'event_category' : locale ? 'PDF' : category,
'event_label' : locale ? locale+'.pdf' : fileName
});
}
$('.padding[href*=shardingsphere]').on('click', function(){
var locale = /cn/.test(location.pathname) ?'cn':'en';
log('','', locale)
})
function getFileName(str){
var strs = str.split('/');
return strs[strs.length - 1]
}
$('a[href$="src.zip"]').on('click', function(){
log(getFileName($(this).attr('href')), "SRC")
})
$('a[href$="zip.asc"]').on('click', function(){
log(getFileName($(this).attr('href')), "ASC")
})
$('a[href$="zip.sha512"]').on('click', function(){
log(getFileName($(this).attr('href')), "SHA512")
})
$('a[href$="tar.gz.asc"]').on('click', function(){
log(getFileName($(this).attr('href')), "ASC")
})
$('a[href$="tar.gz.sha512"]').on('click', function(){
log(getFileName($(this).attr('href')), "SHA512")
})
$('a[href$="tar.gz"]').on('click', function(){
log(getFileName($(this).attr('href')), "TAR")
})
}catch(ex){}
</script>
</body>
</html>