Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/pyspark@1.0.2
Typepypi
Namespace
Namepyspark
Version1.0.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.4.4
Latest_non_vulnerable_version3.5.2
Affected_by_vulnerabilities
0
url VCID-mmf5-ctmn-b3ep
vulnerability_id VCID-mmf5-ctmn-b3ep
summary When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1.
references
0
reference_url https://github.com/advisories/GHSA-fvxv-9xxr-h7wj
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-fvxv-9xxr-h7wj
1
reference_url https://github.com/apache/spark
reference_id
reference_type
scores
url https://github.com/apache/spark
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2019-169.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/pyspark/PYSEC-2019-169.yaml
3
reference_url https://lists.apache.org/thread.html/6d015e56b3a3da968f86e0b6acc69f17ecc16b499389e12d8255bf6e@%3Ccommits.spark.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6d015e56b3a3da968f86e0b6acc69f17ecc16b499389e12d8255bf6e@%3Ccommits.spark.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/a86ee93d07b6f61b82b61a28049aed311f5cc9420d26cc95f1a9de7b@%3Cuser.spark.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a86ee93d07b6f61b82b61a28049aed311f5cc9420d26cc95f1a9de7b@%3Cuser.spark.apache.org%3E
5
reference_url https://web.archive.org/web/20200227091119/http://www.securityfocus.com/bid/106786
reference_id
reference_type
scores
url https://web.archive.org/web/20200227091119/http://www.securityfocus.com/bid/106786
6
reference_url https://web.archive.org/web/20200925111106/https://issues.apache.org/jira/browse/SPARK-26802
reference_id
reference_type
scores
url https://web.archive.org/web/20200925111106/https://issues.apache.org/jira/browse/SPARK-26802
7
reference_url http://www.securityfocus.com/bid/106786
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106786
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11760
reference_id CVE-2018-11760
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-11760
fixed_packages
0
url pkg:pypi/pyspark@2.2.3
purl pkg:pypi/pyspark@2.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4rcx-smaw-c3an
1
vulnerability VCID-713x-tc78-rua3
2
vulnerability VCID-adsy-uby8-gkc9
3
vulnerability VCID-dwzq-skka-qkhj
4
vulnerability VCID-ntyz-qt6e-vqf3
5
vulnerability VCID-pue3-vp1e-xkat
6
vulnerability VCID-sr15-sfp8-vkfg
7
vulnerability VCID-xxtq-3ec6-m7hj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pyspark@2.2.3
1
url pkg:pypi/pyspark@2.3.2
purl pkg:pypi/pyspark@2.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4rcx-smaw-c3an
1
vulnerability VCID-713x-tc78-rua3
2
vulnerability VCID-adsy-uby8-gkc9
3
vulnerability VCID-dwzq-skka-qkhj
4
vulnerability VCID-ntyz-qt6e-vqf3
5
vulnerability VCID-pue3-vp1e-xkat
6
vulnerability VCID-sr15-sfp8-vkfg
7
vulnerability VCID-xxtq-3ec6-m7hj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pyspark@2.3.2
aliases CVE-2018-11760, GHSA-fvxv-9xxr-h7wj, PYSEC-2019-169
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmf5-ctmn-b3ep
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/pyspark@1.0.2