21 matches found
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 - Apache Spark Command Injection Vulnerability...
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 - Apache Spark UI Remote Code Execution RCE 🔐...
Exploit for OS Command Injection in Apache Spark
EP3 - MAC0352 Redes deComputadores e Sistemas Distribuidos 202...
abi-ds-utils (>=0.1.2 <=0.1.9), abi-pyspark-utils (>=0.1.1 <=0.1.4) +74 more potentially affected by CVE-2022-33891 +1 more via pyspark (>=3.1.1 <=3.2.1)
pyspark PYPI version =3.1.1, =0.1.2, =0.1.1, =0.1.5, =0.0.2, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.2.1, =0.42.2 and more Source cves: CVE-2022-33891, CVE-2023-32007 Source advisory: OSV:GHSA-59HW-J9G6-MFG3...
Command injection
UNSUPPORTED WHEN ASSIGNED The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in...
Apache Spark <= 3.0.3 / 3.1.x > 3.1.1 / 3.2.x < 3.2.1 RCE (CVE-2022-33891)
A remote code execution vulnerability exists in Apache Spark. The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are...
Apache Spark <= 3.0.3 / 3.1.1 < 3.1.3 / 3.2.x < 3.2.1 RCE (CVE-2022-33891)
Binary data apachesparkcve-2022-33891.nbin...
CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 CVSS score: 9.8 - Teclib GLPI Remote Code Execution...
K33828251: Apache Spark vulnerability CVE-2022-33891
Security Advisory Description The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in...
Apache Spark UI Command Injection (CVE-2022-33891)
A command execution vulnerability exists in Apache Spark. The vulnerability is due to errors in parsing user requests when the ACL is enabled...
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 Apache Spark...
Exploit for OS Command Injection in Apache Spark
「💥」CVE-2022-33891 Description The Apache Spark UI offers...
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...
Exploit for OS Command Injection in Apache Spark
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...
abi-ds-utils (>=0.1.2 <=0.1.9), abi-pyspark-utils (>=0.1.1 <=0.1.4) +119 more potentially affected by CVE-2022-33891 via pyspark (>=2.1.2 <=3.1.2)
pyspark PYPI version =2.1.2, =0.1.2, =0.1.1, =0.5.1, =0.2.0, =1.0.0, =0.9.1, =0.1.57, =0.11.0, =0.14.0b20211027, =2.0.0, =2.5.0b20240324 and more Source cves: CVE-2022-33891 Source advisory: OSV:GHSA-4X9R-J582-CGR8...
Exploit for OS Command Injection in Apache Spark
cve-2022-33891 Usage: python pip3 install requests If yo...
CVE-2022-33891
creationtimestamp| type| source ---|---|--- 2022-07-18 12:34:21+00:00| seen| https://t.me/cibsecurity/46426 2022-07-19 10:27:13+00:00| published-proof-of-concept| https://t.me/proxybar/921 2022-07-19 12:06:25+00:00| published-proof-of-concept| https://t.me/MrVGunz/340 2022-07-19 12:12:47+00:00|...
anomalywatchdog (>=0.0.2 <=0.0.7), bigdl-dllib-spark321 (=2.1.0b202207291) +28 more potentially affected by CVE-2022-33891 via pyspark (>=3.2.0 <=3.2.1)
pyspark PYPI version =3.2.0, =0.0.2, =0.2.1, =1.0.1, =1.0.1, =0.0.6, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.3.0 and more Source cves: CVE-2022-33891 Source advisory: OSV:PYSEC-2022-236...
CVE-2022-33891 Apache Spark shell command injection vulnerability via Spark UI
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to...
CVE-2022-33891 Apache Spark shell command injection vulnerability via Spark UI
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to...