CVE-2022-33891: Apache Spark Command Injection Vulnerability. Apache Spark
Apache Spark Command Injection Vulnerability. Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.
- CISA KEV-listed (remediation due 2023-03-28)
- EPSS 93.5% (99.8% percentile)