Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34613
HistoryMar 11, 2022 - 10:49 a.m.

Information Disclosure

2022-03-1110:49:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

0.001 Low

EPSS

Percentile

19.1%

org.apache.spark:spark-hive-thriftserver_2.12 is vulnerable to information disclosure. The vulnerability allows someone to decrypt plaintext traffic offline because the library uses a bespoke mutual authentication protocol that allows for full encryption key recovery resulting in disclosure of sensitive information.

0.001 Low

EPSS

Percentile

19.1%