This article explains the vulnerability in Hadoop Yarn RPC and possible solutions.
Alibaba Cloud security team has detected a new attack method using the Solr dataimport RCE vulnerability (CVE-2019-0193) that implants mining programs into target hosts.