pkg:maven/pyspark
Type
maven
Name
pyspark
Known advisories, vulnerabilities and fixes for pyspark package.
High
3
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 3.2.2 |
CVE-2022-31777
|
MAVEN:GHSA-43XG-8WMJ-CW8H | Apache Spark vulnerable to Log Injection | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
Fixed | = 3.2.2 |
CVE-2022-31777
|
MAVEN:GHSA-43XG-8WMJ-CW8H | Apache Spark vulnerable to Log Injection | moderate |
2022-11-01T19:00:29
(22 months ago) |
|
Affected | >= 3.1.1, < 3.2.2 <= 3.0.3 |
CVE-2022-33891
|
MAVEN:GHSA-4X9R-J582-CGR8 | Apache Spark UI can allow impersonation if ACLs enabled | high |
2022-07-19T00:00:29
(2 years ago) |
|
Fixed | = 3.2.2 |
CVE-2022-33891
|
MAVEN:GHSA-4X9R-J582-CGR8 | Apache Spark UI can allow impersonation if ACLs enabled | high |
2022-07-19T00:00:29
(2 years ago) |
|
Affected | >= 3.1.1, < 3.2.2 |
CVE-2023-32007
|
MAVEN:GHSA-59HW-J9G6-MFG3 | Apache Spark UI vulnerable to Command Injection | high |
2023-05-02T09:30:17
(16 months ago) |
|
Fixed | = 3.2.2 |
CVE-2023-32007
|
MAVEN:GHSA-59HW-J9G6-MFG3 | Apache Spark UI vulnerable to Command Injection | high |
2023-05-02T09:30:17
(16 months ago) |
|
Affected | < 3.1.3 |
CVE-2021-38296
|
MAVEN:GHSA-9RR6-JPG7-9JG6 | Authentication Bypass by Capture-replay in Apache Spark | high |
2022-03-11T00:02:36
(2 years ago) |
|
Fixed | = 3.1.3 |
CVE-2021-38296
|
MAVEN:GHSA-9RR6-JPG7-9JG6 | Authentication Bypass by Capture-replay in Apache Spark | high |
2022-03-11T00:02:36
(2 years ago) |