Shell Command Injection Vulnerability found in Apache Spark
Shell Command Injection Vulnerability found in Apache Spark
Threat Level
Vulnerability Report
For a detailed advisory, download the pdf file here
Summary
Apache Spark recently disclosed a weakness, CVE-2022-33891, which would allow threat actors to execute arbitrary shell commands as a Spark.