Re: Multiple CVE issues in apache/spark-py:3.4.0 + Pyspark 3.4.0

2025-03-15 Thread Soumasish
Two things come to mind, low-hanging fruit: update to Spark 3.5; that should reduce the CVEs. Alternatively, consider using Spark Connect, where you can address the client-side vulnerabilities yourself.

Best Regards
Soumasish Goswami
in: www.linkedin.com/in/soumasish
# (415) 530-0405

Multiple CVE issues in apache/spark-py:3.4.0 + Pyspark 3.4.0

2025-03-15 Thread Mohammad, Ejas Ali
Hi Spark Community,

I am using the official Docker image `apache/spark-py:v3.4.0` and installing `pyspark==3.4.0` on top of it. However, I have encountered multiple security vulnerabilities related to outdated dependencies in the base image.

Issues:

1. Security Concerns:
   - Prisma scan report