CVE-2023-32007 Apache Spark: Shell command injection via Spark UI

UNSUPPORTED WHEN ASSIGNED The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in...

elog incorrect authentication vulnerability

elog is a logging library written in the Erlang language that supports log hierarchies. A security vulnerability exists in elog version 3.1.1. A remote attacker can exploit the vulnerability to publish data on the logbook under an arbitrary user name...