OSV - Open Source Vulnerabilities

GHSA-59hw-j9g6-mfg3

Maven/org.apache.spark:spark-parent_2.12
PyPI/pyspark

Apache Spark UI vulnerable to Command Injection

02 May 2023

Fix available
Severity - 8.7 (High)

PYSEC-2023-72

PyPI/pyspark

See record for full details

02 May 2023

Fix available

GHSA-329j-jfvr-rhr6

Maven/org.apache.spark:spark-core_2.12
Maven/org.apache.spark:spark-core_2.13
PyPI/pyspark

Apache Spark vulnerable to Improper Privilege Management

17 Apr 2023

Fix available
Severity - 9.9 (Critical)

PYSEC-2023-44

PyPI/pyspark

See record for full details

17 Apr 2023

Fix available

GHSA-43xg-8wmj-cw8h

Maven/org.apache.spark:spark-core_2.10
Maven/org.apache.spark:spark-core_2.11
Maven/org.apache.spark:spark-core_2.12
Maven/org.apache.spark:spark-core_2.13
Maven/org.apache.spark:spark-core_2.9.3
... 1 more

Apache Spark vulnerable to Log Injection

01 Nov 2022

Fix available
Severity - 5.4 (Medium)

PYSEC-2022-42976

PyPI/pyspark

See record for full details

01 Nov 2022

Fix available

GHSA-4x9r-j582-cgr8

Maven/org.apache.spark:spark-parent_2.12
PyPI/pyspark

Apache Spark UI can allow impersonation if ACLs enabled

19 Jul 2022

Fix available
Severity - 8.7 (High)

PYSEC-2022-236

PyPI/pyspark

See record for full details

18 Jul 2022

Fix available

GHSA-9rr6-jpg7-9jg6

Maven/org.apache.spark:spark-core
PyPI/pyspark

Authentication Bypass by Capture-replay in Apache Spark

11 Mar 2022

Fix available
Severity - 8.7 (High)

PYSEC-2022-186

PyPI/pyspark

See record for full details

10 Mar 2022

Fix available

GHSA-wgx7-jwwm-cgjv

Maven/org.apache.spark:spark-parent_2.11
PyPI/pyspark

Improper Authentication in Apache Spark

10 Feb 2022

Fix available
Severity - 9.3 (Critical)

PYSEC-2020-95

PyPI/pyspark

See record for full details

23 Jun 2020

Fix available

GHSA-fp5j-3fpf-mhj5

Maven/org.apache.spark:spark-core_2.11
PyPI/pyspark

Sensitive data written to disk unencrypted in Spark

08 Aug 2019

Fix available
Severity - 8.7 (High)

PYSEC-2019-114

PyPI/pyspark

See record for full details

07 Aug 2019

Fix available

GHSA-6mqq-8r44-vmjc

Maven/org.apache.spark:spark-core_2.10
Maven/org.apache.spark:spark-core_2.11
PyPI/pyspark

Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark

14 Mar 2019

Fix available
Severity - 6.0 (Medium)

GHSA-fvxv-9xxr-h7wj

PyPI/pyspark

Pyspark User Impersonation Vulnerability

07 Feb 2019

Fix available
Severity - 6.8 (Medium)

Load more...(1 page left)