4 matches found
SUSE CVE-2019-10099
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...
GHSA-FP5J-3FPF-MHJ5 Sensitive data written to disk unencrypted in Spark
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...
PYSEC-2019-114
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...
GHSA-6MQQ-8R44-VMJC Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark
In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application...