2 matches found
CVE-2016-9177
CVE-2016-9177 affects Spark 2.5 (path traversal vulnerability in static file serving). The root cause is that the directory traversal protection does not prevent a ".." in the URI, allowing an attacker to read arbitrary server files. Documented impact includes potential exposure of sensitive data. Mitigation ...
CVE-2018-9159
CVE-2018-9159 affects Spark before 2.7.2, allowing a remote attacker to disclose unintended static files via absolute/relative path representations (including file: URLs and directory traversal). The issue is addressed by Spark 2.7.2 and upstream fixes cited by Red Hat and SUSE OSV/RH advisories;...