pyspark is a fast and general cluster computing system for Big Data.
Affected versions of this package are vulnerable to User Impersonation. It is possible for a different local user to connect to the Spark application and impersonate the user running the Spark application.
pyspark to version 2.2.3, 2.3.2 or higher.
Do your applications use this vulnerable package?