CVE List


Critical 7.5

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs.

Published August 7, 2019.

Affected software

Apache Spark

Reference links

Sign Up for Alerts