Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.spark/spark-core_2.11@2.3.1
Typemaven
Namespaceorg.apache.spark
Namespark-core_2.11
Version2.3.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-4r6t-jf6t-hkfu
vulnerability_id VCID-4r6t-jf6t-hkfu
summary 
Improper Authentication
In all versions of Apache Spark, the standalone resource manager accepts code to execute on a `master` host, that then runs that code on `worker` hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on the master is nevertheless unexpected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17190
reference_id
reference_type
scores
0
value 0.0121
scoring_system epss
scoring_elements 0.79312
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17190
1
reference_url https://lists.apache.org/thread.html/341c3187f15cdb0d353261d2bfecf2324d56cb7db1339bfc7b30f6e5@%3Cdev.spark.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/341c3187f15cdb0d353261d2bfecf2324d56cb7db1339bfc7b30f6e5@%3Cdev.spark.apache.org%3E
2
reference_url https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201903-21
3
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
4
reference_url http://www.securityfocus.com/bid/105976
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105976
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-17190
reference_id CVE-2018-17190
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-17190
6
reference_url https://github.com/advisories/GHSA-phg2-9c5g-m4q7
reference_id GHSA-phg2-9c5g-m4q7
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-phg2-9c5g-m4q7
fixed_packages
aliases CVE-2018-17190, GHSA-phg2-9c5g-m4q7
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4r6t-jf6t-hkfu
1
url VCID-8fxy-5cvh-vfag
vulnerability_id VCID-8fxy-5cvh-vfag
summary 
Improper Authentication
Apache Spark standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property `spark.authenticate.secret` establishes a shared secret for authenticating requests to submit jobs via spark-submit. However, the REST API does not use this or any other authentication mechanism, and this is not adequately documented. In this case, a user would be able to run a driver program without authenticating, but not launch executors, using the REST API.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11770.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11770.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11770
reference_id
reference_type
scores
0
value 0.88996
scoring_system epss
scoring_elements 0.99543
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11770
2
reference_url https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485@%3Cdev.spark.apache.org%3E
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485@%3Cdev.spark.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485%40%3Cdev.spark.apache.org%3E
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485%40%3Cdev.spark.apache.org%3E
4
reference_url https://spark.apache.org/security.html#CVE-2018-11770
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://spark.apache.org/security.html#CVE-2018-11770
5
reference_url https://web.archive.org/web/20200227114942/http://www.securityfocus.com/bid/105097
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227114942/http://www.securityfocus.com/bid/105097
6
reference_url http://www.securityfocus.com/bid/105097
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105097
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1615652
reference_id 1615652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1615652
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11770
reference_id CVE-2018-11770
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11770
9
reference_url https://github.com/advisories/GHSA-w4r4-65mg-45x2
reference_id GHSA-w4r4-65mg-45x2
reference_type
scores
url https://github.com/advisories/GHSA-w4r4-65mg-45x2
fixed_packages
0
url pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
purl pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
aliases CVE-2018-11770, GHSA-w4r4-65mg-45x2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fxy-5cvh-vfag
2
url VCID-ntyz-qt6e-vqf3
vulnerability_id VCID-ntyz-qt6e-vqf3
summary Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10099
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52112
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10099
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2019-114.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2019-114.yaml
2
reference_url https://lists.apache.org/thread.html/c2a39c207421797f82823a8aff488dcd332d9544038307bf69a2ba9e@%3Cuser.spark.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/c2a39c207421797f82823a8aff488dcd332d9544038307bf69a2ba9e@%3Cuser.spark.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/ra216b7b0dd82a2c12c2df9d6095e689eb3f3d28164e6b6587da69fae@%3Ccommits.spark.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra216b7b0dd82a2c12c2df9d6095e689eb3f3d28164e6b6587da69fae@%3Ccommits.spark.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/rabe1d47e2bf8b8f6d9f3068c8d2679731d57fa73b3a7ed1fa82406d2@%3Cissues.spark.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rabe1d47e2bf8b8f6d9f3068c8d2679731d57fa73b3a7ed1fa82406d2@%3Cissues.spark.apache.org%3E
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10099
reference_id CVE-2019-10099
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10099
6
reference_url https://github.com/advisories/GHSA-fp5j-3fpf-mhj5
reference_id GHSA-fp5j-3fpf-mhj5
reference_type
scores
url https://github.com/advisories/GHSA-fp5j-3fpf-mhj5
fixed_packages
0
url pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
purl pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
aliases CVE-2019-10099, GHSA-fp5j-3fpf-mhj5, PYSEC-2019-114
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntyz-qt6e-vqf3
Fixing_vulnerabilities
0
url VCID-3gwu-myk4-ufdj
vulnerability_id VCID-3gwu-myk4-ufdj
summary In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1334
reference_id
reference_type
scores
0
value 0.00114
scoring_system epss
scoring_elements 0.2962
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1334
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2018-25.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2018-25.yaml
2
reference_url https://lists.apache.org/thread.html/4d6d210e319a501b740293daaeeeadb51927111fb8261a3e4cd60060@%3Cdev.spark.apache.org%3E
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/4d6d210e319a501b740293daaeeeadb51927111fb8261a3e4cd60060@%3Cdev.spark.apache.org%3E
3
reference_url https://spark.apache.org/security.html#CVE-2018-1334
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://spark.apache.org/security.html#CVE-2018-1334
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1334
reference_id CVE-2018-1334
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1334
5
reference_url https://github.com/advisories/GHSA-6mqq-8r44-vmjc
reference_id GHSA-6mqq-8r44-vmjc
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6mqq-8r44-vmjc
fixed_packages
0
url pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
purl pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-k96c-fsnj-sfbq
3
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
1
url pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
purl pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
2
url pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
purl pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
aliases CVE-2018-1334, GHSA-6mqq-8r44-vmjc, PYSEC-2018-25
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gwu-myk4-ufdj
1
url VCID-hx6d-5966-dbgx
vulnerability_id VCID-hx6d-5966-dbgx
summary 
Information Exposure
In Apache Spark it is possible for a malicious user to construct a URL pointing to a Spark cluster UI job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user view of the Spark UI. While some browsers like recent versions of Chrome and Safari are able to block this type of attack, current versions of Firefox (and possibly others) do not.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8024
reference_id
reference_type
scores
0
value 0.61137
scoring_system epss
scoring_elements 0.98338
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8024
1
reference_url https://lists.apache.org/thread.html/5f241d2cda21cbcb3b63e46e474cf5f50cce66927f08399f4fab0aba@%3Cdev.spark.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5f241d2cda21cbcb3b63e46e474cf5f50cce66927f08399f4fab0aba@%3Cdev.spark.apache.org%3E
2
reference_url https://spark.apache.org/security.html#CVE-2018-8024
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://spark.apache.org/security.html#CVE-2018-8024
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8024
reference_id CVE-2018-8024
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8024
4
reference_url https://github.com/advisories/GHSA-8cw6-5qvp-q3wj
reference_id GHSA-8cw6-5qvp-q3wj
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8cw6-5qvp-q3wj
fixed_packages
0
url pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
purl pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-k96c-fsnj-sfbq
3
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.3
1
url pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
purl pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.2
2
url pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
purl pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4r6t-jf6t-hkfu
1
vulnerability VCID-8fxy-5cvh-vfag
2
vulnerability VCID-ntyz-qt6e-vqf3
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.1
aliases CVE-2018-8024, GHSA-8cw6-5qvp-q3wj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hx6d-5966-dbgx
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.1