CVE-2018-1334

Published: 2018-07-12T13:29Z

Last Modified: 2024-11-21T03:59Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt