org.apache.spark:spark-network-common_2.12@3.1.1 vulnerabilities
-
latest version
3.5.1
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
3 months ago
-
licenses detected
- [2.4.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.spark:spark-network-common_2.12 package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.spark:spark-network-common_2.12 is an open-source distributed general-purpose cluster-computing framework. Affected versions of this package are vulnerable to Information Exposure via a bespoke mutual authentication protocol that allows for full encryption key recovery. This would allow a malicious actor who has access to the machine to decrypt captured network traffic offline. How to fix Information Exposure? Upgrade |
[,3.1.3)
|