CVE-2022-33891

Apache Spark Command Injection Vulnerability

Description

Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.

Severity: HIGH

CVSS Score: 8.8

Vendor: Apache

Product: Spark