Hi, I am working with Spark 3.1.2 and getting several vulnerabilities popping up. I am wondering if the Spark distros are scanned etc. and how people resolve these.
For example. I am finding - https://nvd.nist.gov/vuln/detail/CVE-2020-25649 This looks like it is fixed in 2.11.0 - https://github.com/FasterXML/jackson-databind/issues/2589 - but Spark supplies 2.10.0. Thanks, Eric