| CVE-2017-12612 |
high |
7.8 |
7.8 |
9y ago |
Apache Spark Deserialization of Untrusted Data vulnerability |
|
| CVE-2022-33891 |
unknown |
— |
1.5 |
4y ago |
Apache Spark UI can allow impersonation if ACLs enabled |
|
| CVE-2025-55039 |
unknown |
— |
— |
8mo ago |
Apache Spark has Inadequate Encryption Strength |
|
| CVE-2023-32007 |
unknown |
— |
— |
3y ago |
Apache Spark UI vulnerable to Command Injection |
|
| CVE-2023-22946 |
unknown |
— |
— |
3y ago |
Apache Spark vulnerable to Improper Privilege Management |
|
| CVE-2022-31777 |
unknown |
— |
— |
4y ago |
Apache Spark vulnerable to Log Injection |
|
| CVE-2021-38296 |
unknown |
— |
— |
4y ago |
Authentication Bypass by Capture-replay in Apache Spark |
|
| CVE-2019-10099 |
unknown |
— |
— |
7y ago |
Sensitive data written to disk unencrypted in Spark |
|
| CVE-2018-1334 |
unknown |
— |
— |
7y ago |
Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark |
|