THREATOPS
THREAT OPSCVEs › CVE-2022-33891

CVE-2022-33891 — Apache Spark Command Injection Vulnerability

CISA KEVExploited: confirmedApache

Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.

Vulnerability details