spark-3.5-scala-2.13-python

Direct Vulnerabilities

Known vulnerabilities in the spark-3.5-scala-2.13-python package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Information Exposure	*
H Deserialization of Untrusted Data	*
L Missing Authorization	*
L GHSA-xpw8-rcwv-8f8p	*
L Uncontrolled Recursion	*
L Incorrect Permission Assignment for Critical Resource	*
L Resource Exhaustion	*
C Authorization Bypass Through User-Controlled Key	*
H Deserialization of Untrusted Data	*
M CVE-2024-6763	*
H Out-of-bounds Write	*
H CVE-2023-52428	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Input Validation	*
H Deserialization of Untrusted Data	*
L Out-of-bounds Write	*
H CVE-2022-3509	*
L Uncontrolled Recursion	*
M CVE-2021-22569	*
H Allocation of Resources Without Limits or Throttling	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Deserialization of Untrusted Data	*
L CVE-2025-48734	*
L Improper Validation of Certificate with Host Mismatch	*
L Resource Exhaustion	*
H HTTP Request Smuggling	*
C HTTP Request Smuggling	*
L Integer Overflow or Wraparound	*
L Resource Exhaustion	*
C HTTP Request Smuggling	*
H HTTP Response Splitting	*
L CRLF Injection	*
L HTTP Request Smuggling	*
C HTTP Request Smuggling	*
M Improper Validation of Certificate with Host Mismatch	*
H Improper Encoding or Escaping of Output	*
H Improper Encoding or Escaping of Output	*
L GHSA-72hv-8253-57qq	<3.5.8-r3
L Arbitrary Code Injection	<3.5.8-r1
H Out-of-bounds Read	*
M Improper Certificate Validation	*
L CRLF Injection	*
L Creation of Temporary File With Insecure Permissions	*
M CVE-2023-42503	*
L Incorrect Permission Assignment for Critical Resource	*
L CVE-2024-29025	*
L Information Exposure	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
H CVE-2022-3171	*
L Stack-based Buffer Overflow	*
H CVE-2022-3510	*
L CVE-2025-24970	*
M Improper Handling of Length Parameter Inconsistency	*
M Improper Input Validation	*
M Allocation of Resources Without Limits or Throttling	*
H Files or Directories Accessible to External Parties	*
L GHSA-58qw-p7qm-5rvh	*
H Improper Handling of Highly Compressed Data (Data Amplification)	*
L Resource Exhaustion	*
L Out-of-bounds Write	*
H Uncontrolled Recursion	*
H HTTP Request Smuggling	*
H Improper Certificate Validation	*
H Out-of-bounds Write	*
L CVE-2024-25638	*
H Out-of-bounds Write	*
H Resource Exhaustion	*
M Resource Exhaustion	*

Vulnerability

Vulnerable Version

Information Exposure