CVE-2022-33891CISA KEV: Actively Exploited

Apache Spark Command Injection Vulnerability

Published Mar 7, 2023·Updated Mar 7, 2023

Description

Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.

Public Exploits & PoCs11 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free