pkg:maven/pyspark
Type
maven
Name
pyspark
Known advisories, vulnerabilities and fixes for pyspark package.
High
3
Moderate
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 3.2.2 |
CVE-2022-31777
|
 MAVEN:GHSA-43XG-8WMJ-CW8H
|
Apache Spark vulnerable to Log Injection | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
| Fixed | = 3.2.2 |
CVE-2022-31777
|
MAVEN:GHSA-43XG-8WMJ-CW8H
|
Apache Spark vulnerable to Log Injection | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
| Affected | >= 3.1.1, < 3.2.2 <= 3.0.3 |
CVE-2022-33891
|
MAVEN:GHSA-4X9R-J582-CGR8
|
Apache Spark UI can allow impersonation if ACLs enabled | high |
2022-07-19T00:00:29
(2 years ago) |
|
| Fixed | = 3.2.2 |
CVE-2022-33891
|
MAVEN:GHSA-4X9R-J582-CGR8
|
Apache Spark UI can allow impersonation if ACLs enabled | high |
2022-07-19T00:00:29
(2 years ago) |
|
| Affected | >= 3.1.1, < 3.2.2 |
CVE-2023-32007
|
MAVEN:GHSA-59HW-J9G6-MFG3
|
Apache Spark UI vulnerable to Command Injection | high |
2023-05-02T09:30:17
(16 months ago) |
|
| Fixed | = 3.2.2 |
CVE-2023-32007
|
MAVEN:GHSA-59HW-J9G6-MFG3
|
Apache Spark UI vulnerable to Command Injection | high |
2023-05-02T09:30:17
(16 months ago) |
|
| Affected | < 3.1.3 |
CVE-2021-38296
|
MAVEN:GHSA-9RR6-JPG7-9JG6
|
Authentication Bypass by Capture-replay in Apache Spark | high |
2022-03-11T00:02:36
(2 years ago) |
|
| Fixed | = 3.1.3 |
CVE-2021-38296
|
MAVEN:GHSA-9RR6-JPG7-9JG6
|
Authentication Bypass by Capture-replay in Apache Spark | high |
2022-03-11T00:02:36
(2 years ago) |