Lucene search

K
cvelistApacheCVELIST:CVE-2018-11760
HistoryJan 28, 2019 - 12:00 a.m.

CVE-2018-11760

2019-01-2800:00:00
apache
www.cve.org

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

When using PySpark , it’s possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1.

CNA Affected

[
  {
    "product": "Apache Spark",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "Apache Spark 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1"
      }
    ]
  }
]

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2018-11760