Apache Spark is a multilingual engine for performing data engineering, data science, and machine learning on a single-node machine or cluster. Apache Spark is vulnerable to an encryption issue that stems from the program’s use of a custom mutual authentication protocol that allows fully encrypted key recovery, which can be exploited by an attacker to decrypt plaintext traffic offline.
CPE | Name | Operator | Version |
---|---|---|---|
apache spark | le | 3.1.2 |