[
https://issues.apache.org/jira/browse/SPARK-38992?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17568661#comment-17568661
]
Wing Yew Poon commented on SPARK-38992:
---------------------------------------
Does this vulnerability not affect Spark 2.4?
> Avoid using bash -c in ShellBasedGroupsMappingProvider
> ------------------------------------------------------
>
> Key: SPARK-38992
> URL: https://issues.apache.org/jira/browse/SPARK-38992
> Project: Spark
> Issue Type: Bug
> Components: Spark Core
> Affects Versions: 3.0.3, 3.1.2, 3.2.1, 3.3.0
> Reporter: Hyukjin Kwon
> Assignee: Hyukjin Kwon
> Priority: Major
> Fix For: 3.1.3, 3.0.4, 3.3.0, 3.2.2
>
>
> Using bash -c can allow arbitrary shall execution from the end user.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
