VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.spark:spark-core_2.12

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2025-54920 unknown 2mo ago Apache Spark: Spark History Server Code Execution Vulnerability java
CVE-2023-22946 unknown 3y ago In Apache Spark versions prior to 3.4.0, applications using spark-submit can specify a 'proxy-user' to run as, limiting privileges. The application can execute code with the privileges of the submitt… susejavapython
CVE-2022-31777 unknown 4y ago A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a ma… javapython