VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.spark:spark-core_2.10

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-12612 high 7.8 7.8 9y ago In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentiall… javapythonapache
CVE-2017-7678 medium 6.1 6.1 9y ago Moderate severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 javaapache
CVE-2025-54920 unknown 2mo ago Apache Spark: Spark History Server Code Execution Vulnerability java
CVE-2022-31777 unknown 4y ago A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a ma… javapython
CVE-2018-11804 unknown 4y ago Improper Input Validation in Apache Spark susejava
CVE-2018-1334 unknown 7y ago In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running … susejavapython
CVE-2018-8024 unknown 7y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark via crafted URL susejava
CVE-2018-17190 unknown 8y ago Remote Code Execution in spark-core java
CVE-2018-11770 unknown 8y ago org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 Improper Authentication vulnerability susejava