THREAT OPS › CVEs › CVE-2022-33891
CVE-2022-33891 — Apache Spark Command Injection Vulnerability
Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.
Vulnerability details
- Affected productsSpark
- KEV remediation due2023-03-28