Lucene search
K

12 matches found

vulnersOsv
vulnersOsv
added 2026/03/13 9:31 p.m.9 views

org.apache.livy:livy-assembly (>=0.4.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.4.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-66249 via org.apache.livy:livy-server (>=0.4.0-incubating <=0.8.0-incubating)

org.apache.livy:livy-server MAVEN version =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.6.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-66249 Source advisory: OSV:GHSA-H84F-4FF9-8HC3...

6.3CVSS5.8AI score0.00597EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/13 9:31 p.m.7 views

org.apache.livy:livy-assembly (>=0.7.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.7.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-60012 via org.apache.livy:livy-server (>=0.7.0-incubating <=0.8.0-incubating)

org.apache.livy:livy-server MAVEN version =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-60012 Source advisory: SNYK:JAVA-ORGAPACHELIVY-15674462...

6.3CVSS5.8AI score0.00488EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/13 9:31 p.m.8 views

org.apache.livy:livy-assembly (>=0.7.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.7.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-60012 via org.apache.livy:livy-server (>=0.7.0-incubating <=0.8.0-incubating)

org.apache.livy:livy-server MAVEN version =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =0.7.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-60012 Source advisory: OSV:GHSA-HM8X-RPGG-7855...

6.3CVSS5.8AI score0.00488EPSS
Exploits1
Snyk
Snyk
added 2026/03/13 9:31 p.m.4 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation when processing arbitrary Spark configuration values in requests. An attacker can gain unauthorized access to files by sending specially crafted requests to the REST or JDBC interface. Note: This is only...

6.3CVSS5.9AI score0.00488EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/03/13 4:47 p.m.7 views

org.apache.livy:livy-assembly (>=0.4.0-incubating <=0.8.0-incubating), org.apache.livy:livy-coverage-report (>=0.4.0-incubating <=0.8.0-incubating) +3 more potentially affected by CVE-2025-66249 via org.apache.livy:livy-server (>=0.4.0-incubating <=0.8.0-incubating)

org.apache.livy:livy-server MAVEN version =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.6.0-incubating, =2.0.0, =2.8.2 Source cves: CVE-2025-66249 Source advisory: SNYK:JAVA-ORGAPACHELIVY-15520260...

6.3CVSS5.8AI score0.00597EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/13 3:21 p.m.26 views

CVE-2025-66249 Apache Livy: Unauthorized directory access

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

0.00597EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2021-0984

Malware in sbrugna...

5.4CVSS5.5AI score0.02816EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2021/05/13 10:30 p.m.5 views

org.apache.livy:livy-assembly (=0.7.0-incubating), org.apache.livy:livy-coverage-report (=0.7.0-incubating) +2 more potentially affected by CVE-2021-26544 via org.apache.livy:livy-server (=0.7.0-incubating)

org.apache.livy:livy-server MAVEN version =0.7.0-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.livy:livy-server and may be impacted: - org.apache.livy:livy-assembly =0.7.0-incubating - org.apache.livy:livy-coverage-report...

5.4CVSS6AI score0.02816EPSS
Exploits0
NVD
NVD
added 2021/02/20 9:15 a.m.27 views

CVE-2021-26544

Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...

5.4CVSS0.02816EPSS
Exploits0References3
OSV
OSV
added 2021/02/20 9:15 a.m.13 views

CVE-2021-26544

Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...

5.4CVSS5.9AI score
Exploits0References3
Prion
Prion
added 2021/02/20 9:15 a.m.13 views

Cross site scripting

Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...

3.5CVSS5AI score0.02816EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/02/20 9:0 a.m.30 views

CVE-2021-26544 Apache Livy (Incubating) is vulnerable to cross site scripting

Livy server version 0.7.0-incubating only is vulnerable to a cross site scripting issue in the session name. A malicious user could use this flaw to access logs and results of other users' sessions and run jobs with their privileges. This issue is fixed in Livy 0.7.1-incubating...

5.3AI score0.02816EPSS
Exploits0References3
Rows per page
Query Builder