6 matches found
Security Bulletin: Multiple Vulnerabilities in Apache Spark affects IBM Watson Studio Local
Summary Security Bulletin: Multiple Vulnerabilities in Apache Spark affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2018-11804 DESCRIPTION: Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. ...
Security Bulletin: Vulnerability in PySpark affects IBM Analytics Engine (CVE-2018-11760)
Summary When using PySpark, it’s possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1. Vulnerability Details CVE-ID: CVE-2018-11760 DESCRIPTION:...
eskapade-spark (>=0.8.0 <=0.8.2), pytispark (>=1.0.0rc2 <=1.0.1) +1 more potentially affected by CVE-2018-11760 via pyspark (>=2.1.2 <=2.2.0.post0)
pyspark PYPI version =2.1.2, =0.8.0, =1.0.0rc2, =1.0.1 - sourced-ml =0.4.5 Source cves: CVE-2018-11760 Source advisory: OSV:GHSA-FVXV-9XXR-H7WJ...
azureml-webservice-schema (>=0.1.57 <=1.0.33), gnuper (=0.0.3) +4 more potentially affected by CVE-2018-11760 via pyspark (>=2.3.0 <=2.3.1)
pyspark PYPI version =2.3.0, =0.1.57, =2.0.3, =0.2.0, =0.2.4 Source cves: CVE-2018-11760 Source advisory: OSV:PYSEC-2019-169...
CVE-2018-11760
When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1...
CVE-2018-11760
CVE-2018-11760 describes a PySpark-related local privilege issue in Apache Spark: a local authenticated user can connect to a running Spark application and impersonate the user running it. Affected Spark versions include 1.x, 2.0.x, 2.1.x, 2.2.0–2.2.2, and 2.3.0–2.3.1. IBM and related advisories ...