Package impact
PyPI / pyspark
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2017-12612 | high | 7.8 | 7.8 | 9y ago | Apache Spark Deserialization of Untrusted Data vulnerability | |
| CVE-2022-33891 | unknown | — | 1.5 | 4y ago | Apache Spark UI can allow impersonation if ACLs enabled | |
| CVE-2025-55039 | unknown | — | — | 8mo ago | Apache Spark has Inadequate Encryption Strength | |
| CVE-2023-32007 | unknown | — | — | 3y ago | Apache Spark UI vulnerable to Command Injection | |
| CVE-2023-22946 | unknown | — | — | 3y ago | Apache Spark vulnerable to Improper Privilege Management | |
| CVE-2022-31777 | unknown | — | — | 4y ago | Apache Spark vulnerable to Log Injection | |
| CVE-2018-1334 | unknown | — | — | 7y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark |