Improper Privilege Management
spark-core is vulnerable to Improper Privilege Management . The vulnerability exists because the library does not properly disallow arbitrary custom classpaths with the proxy user in cluster mode, which allows an attacker to provide malicious configuration-related classes in the classpath...