Search for packages
Package details: pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
purl pkg:maven/org.apache.spark/spark-core_2.11@2.3.3
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-d7qj-byug-aaan
Aliases:
CVE-2018-17190
GHSA-phg2-9c5g-m4q7
Low severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 There are no reported fixed by versions.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-6e2g-d1n5-aaam Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using broadcast and parallelize; and use of python udfs. CVE-2019-10099
GHSA-fp5j-3fpf-mhj5
PYSEC-2019-114
PYSEC-2019-44
VCID-nhcd-qhgh-aaah Moderate severity vulnerability that affects org.apache.spark:spark-core_2.10 and org.apache.spark:spark-core_2.11 CVE-2018-11770
GHSA-w4r4-65mg-45x2

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T14:29:30.328751+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 36.1.3
2025-06-20T14:29:29.410581+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 36.1.3
2025-06-20T14:20:43.786833+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 36.1.3
2025-06-20T14:20:41.172941+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 36.1.3
2025-06-20T14:18:21.581905+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 36.1.3
2025-06-20T14:18:21.048600+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 36.1.3
2025-06-03T21:13:23.195896+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 36.1.0
2025-06-03T21:13:22.238992+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 36.1.0
2025-06-03T21:04:48.647514+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 36.1.0
2025-06-03T21:04:45.424351+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 36.1.0
2025-06-03T21:04:32.617637+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 36.1.0
2025-06-03T21:04:32.183258+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 36.1.0
2025-06-02T20:54:07.291901+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 36.1.2
2025-06-02T20:54:06.116327+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 36.1.2
2025-06-02T20:44:39.768731+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 36.1.2
2025-06-02T20:44:36.054574+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 36.1.2
2025-06-02T20:44:21.816604+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 36.1.2
2025-06-02T20:44:21.213860+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 36.1.2
2025-04-03T17:21:34.727533+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 36.0.0
2025-04-03T17:21:32.417064+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 36.0.0
2025-04-03T17:06:25.708464+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 36.0.0
2025-04-03T17:06:19.262143+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 36.0.0
2025-04-03T17:05:59.546158+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 36.0.0
2025-04-03T17:05:58.499948+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 36.0.0
2025-03-28T20:03:13.808282+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam None 36.0.0
2025-02-18T07:40:27.197906+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 35.1.0
2025-02-18T07:40:26.992569+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 35.1.0
2025-02-18T07:04:49.578052+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 35.1.0
2025-02-18T07:04:49.327540+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 35.1.0
2025-02-18T06:17:18.126917+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 35.1.0
2025-02-18T01:39:28.771104+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 35.1.0
2024-11-21T03:10:54.334440+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 35.0.0
2024-11-21T02:51:39.147426+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 35.0.0
2024-11-20T23:55:06.749330+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 35.0.0
2024-11-19T02:53:51.766774+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.3.2
2024-11-19T02:41:38.320621+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.3.2
2024-11-18T23:43:35.475066+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.3.2
2024-10-15T18:21:51.773725+00:00 GithubOSV Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-fp5j-3fpf-mhj5/GHSA-fp5j-3fpf-mhj5.json 34.0.2
2024-10-08T03:29:45.345889+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.0.2
2024-10-08T03:09:58.474971+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.0.2
2024-10-08T02:44:53.369304+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.0.2
2024-10-07T17:55:25.390691+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/advisories/GHSA-fp5j-3fpf-mhj5 34.0.2
2024-10-07T17:42:04.325018+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan https://github.com/advisories/GHSA-phg2-9c5g-m4q7 34.0.2
2024-10-07T17:39:39.988669+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah https://github.com/advisories/GHSA-w4r4-65mg-45x2 34.0.2
2024-09-23T03:24:36.831532+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.0.1
2024-09-23T03:06:03.653050+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.0.1
2024-09-22T18:13:57.214893+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan https://github.com/advisories/GHSA-phg2-9c5g-m4q7 34.0.1
2024-09-22T18:11:22.967352+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah https://github.com/advisories/GHSA-w4r4-65mg-45x2 34.0.1
2024-09-18T09:17:59.728540+00:00 GithubOSV Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-fp5j-3fpf-mhj5/GHSA-fp5j-3fpf-mhj5.json 34.0.1
2024-09-17T22:37:27.996841+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.0.1
2024-09-17T22:05:28.306136+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/advisories/GHSA-fp5j-3fpf-mhj5 34.0.1
2024-04-24T06:05:21.779549+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc4
2024-04-24T06:05:21.539842+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.0.0rc4
2024-04-24T05:43:30.583805+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.0.0rc4
2024-04-24T05:43:30.307264+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc4
2024-04-24T05:13:31.168201+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.0.0rc4
2024-04-24T05:13:30.921333+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc4
2024-04-23T23:12:15.338200+00:00 GithubOSV Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-fp5j-3fpf-mhj5/GHSA-fp5j-3fpf-mhj5.json 34.0.0rc4
2024-04-23T19:21:13.677250+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc4
2024-04-23T19:21:13.437868+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/advisories/GHSA-fp5j-3fpf-mhj5 34.0.0rc4
2024-04-23T19:08:15.985380+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc4
2024-04-23T19:08:15.706124+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan https://github.com/advisories/GHSA-phg2-9c5g-m4q7 34.0.0rc4
2024-04-23T18:59:31.921144+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah https://github.com/advisories/GHSA-w4r4-65mg-45x2 34.0.0rc4
2024-04-23T18:59:31.224834+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc4
2024-01-10T08:36:32.107995+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc2
2024-01-10T08:36:31.867624+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.0.0rc2
2024-01-10T08:15:11.514935+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.0.0rc2
2024-01-10T08:15:11.239209+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc2
2024-01-10T07:45:08.579113+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.0.0rc2
2024-01-10T07:45:08.344890+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc2
2024-01-09T21:12:40.577515+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc2
2024-01-09T21:12:40.312516+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/advisories/GHSA-fp5j-3fpf-mhj5 34.0.0rc2
2024-01-09T20:57:33.011854+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc2
2024-01-09T20:57:32.719451+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan https://github.com/advisories/GHSA-phg2-9c5g-m4q7 34.0.0rc2
2024-01-09T20:51:53.631405+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah https://github.com/advisories/GHSA-w4r4-65mg-45x2 34.0.0rc2
2024-01-09T20:51:52.934906+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc2
2024-01-04T01:21:45.075048+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc1
2024-01-04T01:21:44.830271+00:00 GitLab Importer Fixing VCID-nhcd-qhgh-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-11770.yml 34.0.0rc1
2024-01-04T01:00:31.128208+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2018-17190.yml 34.0.0rc1
2024-01-04T01:00:30.848211+00:00 GitLab Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc1
2024-01-04T00:30:23.637895+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc1
2024-01-03T18:00:22.741458+00:00 GitLab Importer Fixing VCID-6e2g-d1n5-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.spark/spark-core_2.11/CVE-2019-10099.yml 34.0.0rc1
2024-01-03T17:40:23.257529+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam https://github.com/advisories/GHSA-fp5j-3fpf-mhj5 34.0.0rc1
2024-01-03T16:14:41.524462+00:00 GHSA Importer Fixing VCID-6e2g-d1n5-aaam None 34.0.0rc1
2024-01-03T16:06:16.943284+00:00 GHSA Importer Affected by VCID-d7qj-byug-aaan None 34.0.0rc1
2024-01-03T16:02:35.424803+00:00 GHSA Importer Fixing VCID-nhcd-qhgh-aaah None 34.0.0rc1