| CVE-2017-12612 |
high |
7.8 |
7.8 |
|
|
|
9y ago |
Apache Spark Deserialization of Untrusted Data vulnerability |
| CVE-2022-33891 |
unknown |
— |
2.5 |
|
|
|
4y ago |
Apache Spark contains a command injection vulnerability via Spark User Interface (UI) when Access Control Lists (ACLs) are enabled. |
| CVE-2025-55039 |
unknown |
— |
— |
|
|
|
8mo ago |
Apache Spark has Inadequate Encryption Strength |
| CVE-2023-32007 |
unknown |
— |
— |
|
|
|
3y ago |
Apache Spark UI vulnerable to Command Injection |
| CVE-2023-22946 |
unknown |
— |
— |
|
|
|
3y ago |
Apache Spark vulnerable to Improper Privilege Management |
| CVE-2022-31777 |
unknown |
— |
— |
|
|
|
4y ago |
Apache Spark vulnerable to Log Injection |
| CVE-2021-38296 |
unknown |
— |
— |
|
|
|
4y ago |
Authentication Bypass by Capture-replay in Apache Spark |
| CVE-2020-9480 |
unknown |
— |
— |
|
|
|
4y ago |
Improper Authentication in Apache Spark |
| CVE-2019-10099 |
unknown |
— |
— |
|
|
|
7y ago |
Sensitive data written to disk unencrypted in Spark |
| CVE-2018-1334 |
unknown |
— |
— |
|
|
|
7y ago |
Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark |