9 matches found
ai.catboost:catboost-spark_2.3_2.11 (>=0.25 <=1.2.7), ai.h2o:sparkling-water-examples_2.11 (>=2.3.0 <=2.3.6) +165 more potentially affected by CVE-2018-1334 via org.apache.spark:spark-core_2.11 (=2.3.0)
org.apache.spark:spark-core2.11 MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.spark:spark-core2.11 and may be impacted: - ai.catboost:catboost-spark2.32.11 =0.25, =2.3.0, =2.3.0, =0.0.3, =1.0, =0.1.0, =1.0, =0.4.0,...
ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +635 more potentially affected by CVE-2018-1334 via org.apache.spark:spark-core_2.11 (>=1.2.0 <=2.1.2)
org.apache.spark:spark-core2.11 MAVEN version =1.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.18, =2.0.0, =1.0.0, =0.5.2, =1.0, =2.11-2.1.1-2.2.0, =4.2.0, =4.2.0, =5.0.0 and more Source cves: CVE-2018-1334 Source advisory: OSV:GHSA-6MQQ-8R44-VMJC...
sourced-ml (=0.4.5) potentially affected by CVE-2018-1334 via pyspark (=2.2.0.post0)
pyspark PYPI version =2.2.0.post0 is affected by a known vulnerability. The following packages have a transitive dependency on pyspark and may be impacted: - sourced-ml =0.4.5 Source cves: CVE-2018-1334 Source advisory: OSV:GHSA-6MQQ-8R44-VMJC...
ai.grakn:client-java (=1.3.0), ai.grakn:grakn-bootup (>=1.1.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +643 more potentially affected by CVE-2018-1334 via org.apache.spark:spark-core_2.10 (>=1.0.0 <=2.1.2)
org.apache.spark:spark-core2.10 MAVEN version =1.0.0, =1.1.0, =0.7.0, =0.12.0, =1.2.0, =0.12.0, =1.0.0, =1.0.0, =0.10.0, =0.15.0, =0.6.1, =0.17.0, =1.1.0 and more Source cves: CVE-2018-1334 Source advisory: OSV:GHSA-6MQQ-8R44-VMJChttps://vulners.com/osv/OSV:GHSA-6MQQ-8R44-VMJC...
eskapade-spark (>=0.8.0 <=0.8.2), pytispark (>=1.0.0rc2 <=1.0.1) potentially affected by CVE-2018-1334 via pyspark (=2.1.2)
pyspark PYPI version =2.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on pyspark and may be impacted: - eskapade-spark =0.8.0, =1.0.0rc2, =1.0.1 Source cves: CVE-2018-1334 Source advisory: OSV:GHSA-6MQQ-8R44-VMJC...
Security Bulletin: Vulnerabilities in Apache Spark affect IBM Operations Analytics Predictive Insights (CVE-2018-8024, CVE-2018-1334)
Summary Apache Spark is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Apache Spark within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do...
CVE-2018-1334
In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application...
CVE-2018-1334
In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application...
CVE-2018-1334
Apache Spark up to version 2.3.0 (affected: 1.0.0–2.1.2, 2.2.0–2.2.1, 2.3.0) is vulnerable to an impersonation flaw when using PySpark or SparkR that lets a different local user connect to a Spark application and impersonate the Spark user. The issue is confirmed across multiple sources (e.g., SU...