Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 2:22 p.m.52 views

Security Bulletin: Multiple Vulnerabilities in Apache Spark affects IBM Watson Studio Local

Summary Security Bulletin: Multiple Vulnerabilities in Apache Spark affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2018-11804 DESCRIPTION: Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. ...

9.8CVSS1.1AI score0.08721EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/03 9:25 p.m.28 views

Security Bulletin: Vulnerability in PySpark affects IBM Analytics Engine (CVE-2018-11760)

Summary When using PySpark, it’s possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1. Vulnerability Details CVE-ID: CVE-2018-11760 DESCRIPTION:...

5.5CVSS1AI score0.00605EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2019/02/07 6:2 p.m.5 views

eskapade-spark (>=0.8.0 <=0.8.2), pytispark (>=1.0.0rc2 <=1.0.1) +1 more potentially affected by CVE-2018-11760 via pyspark (>=2.1.2 <=2.2.0.post0)

pyspark PYPI version =2.1.2, =0.8.0, =1.0.0rc2, =1.0.1 - sourced-ml =0.4.5 Source cves: CVE-2018-11760 Source advisory: OSV:GHSA-FVXV-9XXR-H7WJ...

5.5CVSS6.4AI score0.00605EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/02/04 5:29 p.m.7 views

azureml-webservice-schema (>=0.1.57 <=1.0.33), gnuper (=0.0.3) +4 more potentially affected by CVE-2018-11760 via pyspark (>=2.3.0 <=2.3.1)

pyspark PYPI version =2.3.0, =0.1.57, =2.0.3, =0.2.0, =0.2.4 Source cves: CVE-2018-11760 Source advisory: OSV:PYSEC-2019-169...

5.5CVSS6.4AI score0.00605EPSS
Exploits0
Cvelist
Cvelist
added 2019/02/04 5:0 p.m.29 views

CVE-2018-11760

When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1...

5.3AI score0.00605EPSS
Exploits0References3
CVE
CVE
added 2019/02/04 5:0 p.m.96 views

CVE-2018-11760

CVE-2018-11760 describes a PySpark-related local privilege issue in Apache Spark: a local authenticated user can connect to a running Spark application and impersonate the user running it. Affected Spark versions include 1.x, 2.0.x, 2.1.x, 2.2.0–2.2.2, and 2.3.0–2.3.1. IBM and related advisories ...

5.5CVSS5.5AI score0.00605EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder