CVE-2018-11760
Description
When using PySpark , its possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.471
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-11760 are fixed in Python-pyspark 2.2.3 | Windows |
| Vulnerabilities CVE-2018-11760 are fixed in Python-pyspark 2.3.2 | Windows |
| Vulnerabilities CVE-2018-11760 are fixed in Python-pyspark for linux 2.2.3 | Linux |
| Vulnerabilities CVE-2018-11760 are fixed in Python-pyspark for linux 2.3.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234