claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2022-33891-apache-spark.log

CVE-2022-33891 — Apache Spark Command Injection Vulnerability

2023-03-07 • CISA Known Exploited Vulnerability

[event] Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled.

> AFFECTED SOFTWARE

Field	Value
Vendor	Apache
Product	Spark
CWE	CWE-78
CVE ID	CVE-2022-33891
Date Added	2023-03-07
Due Date	2023-03-28
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2023-03-28

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:11 UTC