Search for packages
| purl | pkg:maven/com.sparkjava/spark-core@2.5.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-jt5z-2bjf-rye2
Aliases: CVE-2018-9159 GHSA-76qr-mmh8-cp8f |
Path Traversal In Spark, a remote attacker can read unintended static files via various representations of absolute or relative pathnames. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-hbp1-4yaj-nyhq | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. |
CVE-2016-9177
GHSA-89gc-6cw6-4vch |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-05T21:06:16.218857+00:00 | GHSA Importer | Fixing | VCID-hbp1-4yaj-nyhq | https://github.com/advisories/GHSA-89gc-6cw6-4vch | 38.6.0 |
| 2026-06-04T20:11:44.891025+00:00 | GitLab Importer | Affected by | VCID-jt5z-2bjf-rye2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sparkjava/spark-core/CVE-2018-9159.yml | 38.6.0 |
| 2026-06-04T18:23:54.470567+00:00 | GHSA Importer | Affected by | VCID-jt5z-2bjf-rye2 | https://github.com/advisories/GHSA-76qr-mmh8-cp8f | 38.6.0 |
| 2026-06-04T17:37:59.044224+00:00 | GithubOSV Importer | Fixing | VCID-hbp1-4yaj-nyhq | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-89gc-6cw6-4vch/GHSA-89gc-6cw6-4vch.json | 38.6.0 |
| 2026-06-02T04:38:16.760454+00:00 | GitLab Importer | Fixing | VCID-hbp1-4yaj-nyhq | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sparkjava/spark-core/CVE-2016-9177.yml | 38.6.0 |