CVE-2019-10099

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...

Apache Spark Cluster 1.3.x Arbitrary Code Execution

Exploit Title: Arbitary Code Execution in Apache Spark Cluster Date: 23/03/2015 Exploit Author: AkhlD AkhilDas CodeBreach.in Vendor Homepage: https://spark.apache.org/ Software Link: https://spark.apache.org/downloads.html Version: All 0.0.x, 1.1.x, 1.2.x, 1.3.x Tested on: 1.2.1 Credits: Mayur...