{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4572?format=json","vulnerability_id":"VCID-643h-28mc-j7ak","summary":"","aliases":[{"alias":"CVE-2018-11770"},{"alias":"GHSA-w4r4-65mg-45x2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/434041?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-hny6-pffj-effk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15525?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-hny6-pffj-effk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/390708?format=json","purl":"pkg:maven/org.apache.spark/spark-core@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/14449?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/433989?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/433990?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/433991?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/433992?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/433993?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/433994?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/433995?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/392710?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/433996?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/433997?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/433998?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/433999?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434000?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/434001?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/434002?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434003?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/434004?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/434005?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@1.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/434006?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434007?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.0.0-preview","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.0-preview"},{"url":"http://public2.vulnerablecode.io/api/packages/434008?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/434009?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15070?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434010?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/14458?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15071?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/14456?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434040?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/14450?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.10@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.10@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/14451?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415421?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415422?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415423?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/392654?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415424?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415425?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415426?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415427?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415428?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415429?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/415430?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415431?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415432?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/415433?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@1.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/415434?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/415435?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.0.0-preview","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.0-preview"},{"url":"http://public2.vulnerablecode.io/api/packages/415436?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/415437?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15074?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/389235?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-rkkz-4vc4-4bbb"},{"vulnerability":"VCID-s653-s8v5-vbdr"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/14457?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15075?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"},{"vulnerability":"VCID-yhhf-zmkx-6bah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/14455?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/434038?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15076?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/434039?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15072?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2af6-5chu-13gu"},{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-guwf-cxzd-gfh7"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15073?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/14452?format=json","purl":"pkg:maven/org.apache.spark/spark-core_2.11@2.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59qu-716n-7qfu"},{"vulnerability":"VCID-643h-28mc-j7ak"},{"vulnerability":"VCID-hny6-pffj-effk"},{"vulnerability":"VCID-t7k1-q8x4-yqe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.spark/spark-core_2.11@2.3.2"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11770.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11770","reference_id":"","reference_type":"","scores":[{"value":"0.88996","scoring_system":"epss","scoring_elements":"0.99546","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485@%3Cdev.spark.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485@%3Cdev.spark.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485%40%3Cdev.spark.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/bd8e51314041451a2acd720e9223fc1c15a263ccacb396a75b1fc485%40%3Cdev.spark.apache.org%3E"},{"reference_url":"https://spark.apache.org/security.html#CVE-2018-11770","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://spark.apache.org/security.html#CVE-2018-11770"},{"reference_url":"https://web.archive.org/web/20200227114942/http://www.securityfocus.com/bid/105097","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227114942/http://www.securityfocus.com/bid/105097"},{"reference_url":"http://www.securityfocus.com/bid/105097","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/105097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1615652","reference_id":"1615652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1615652"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11770","reference_id":"CVE-2018-11770","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11770"},{"reference_url":"https://github.com/advisories/GHSA-w4r4-65mg-45x2","reference_id":"GHSA-w4r4-65mg-45x2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w4r4-65mg-45x2"}],"weaknesses":[{"cwe_id":287,"name":"Improper Authentication","description":"When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct."},{"cwe_id":306,"name":"Missing Authentication for Critical Function","description":"The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[{"date_added":null,"description":"This module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through REST API.\n          It uses the function CreateSubmissionRequest to submit a malious java class and trigger it.","required_action":null,"due_date":null,"notes":"SideEffects:\n  - artifacts-on-disk\n  - ioc-in-logs\nStability:\n  - crash-safe\nReliability:\n  - repeatable-session\n","known_ransomware_campaign_use":false,"source_date_published":"2017-12-12","exploit_type":null,"platform":"Java","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/http/spark_unauth_rce.rb"}],"severity_range_score":"4.0 - 6.9","exploitability":"2.0","weighted_severity":"6.2","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-643h-28mc-j7ak"}