Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I used safetycli to scan and found some vulnerabilities.
16 vulnerabilities were found in 7 packages
....
-> Vulnerability found in pyspark version 3.0.0
Vulnerability ID: 54370
Affected spec: >=0,<3.1.3
ADVISORY: Apache Spark supports end-to-end encryption of RPC
connections via "spark.authenticate" and "spark.network.crypto.enabled"....
CVE-2021-38296
For more information, please visit
https://data.safetycli.com/v/54370/f17
-> Vulnerability found in pyspark version 3.0.0
Vulnerability ID: 54576
Affected spec: >=0,<3.2.2
ADVISORY: A stored cross-site scripting (XSS) vulnerability in Apache
Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute...
CVE-2022-31777
For more information, please visit
https://data.safetycli.com/v/54576/f17
-> Vulnerability found in pyspark version 3.0.0
Vulnerability ID: 54694
Affected spec: <=3.0.3
ADVISORY: The Apache Spark UI offers the possibility to enable ACLs
via the configuration option spark.acls.enable. With an authentication...
CVE-2022-33891
For more information, please visit
https://data.safetycli.com/v/54694/f17