Hi Spark community,
I’m recently working on migrating Spark workloads from Yarn to K8s, and one
of the issue I found is that there is no out-of-box log solution for Spark
applications on K8s as Yarn has, and Spark even does not provide a way to
integrate w/ external log service.
Based on the
Severity: moderate
Description:
A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and
earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in
the web browser of a user, by including a malicious payload into the logs which
would be returned in logs
