FLAT-FUUQG (CVE-2025-54920)
Insecure deserialization In org.apache.spark:spark-core_2.10
5.8
Medium
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.10
FLAT-8LP8I (CVE-2023-22946)
Excessive privileges In org.apache.spark:spark-core_2.12
7.7
High
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.12
FLAT-LUJRS (CVE-2022-31777)
Lack of data validation In org.apache.spark:spark-core_2.12
2.3
Low
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.12
FLAT-0317I (CVE-2018-11804)
Lack of data validation In org.apache.spark:spark-core
6.6
Medium
Ecosystem: Maven
Package: org.apache.spark:spark-core
FLAT-QTW3T (CVE-2019-10099)
Non-encrypted confidential information In org.apache.spark:spark-core_2.11
6.6
Medium
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.11
FLAT-EE2MA (CVE-2018-1334)
Sensitive information sent insecurely In org.apache.spark:spark-core_2.11
2.3
Low
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.11
FLAT-H4JIY (CVE-2018-8024)
Business information leak In org.apache.spark:spark-core_2.10
1.2
Low
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.10
FLAT-0J5HG (CVE-2018-17190)
Server side template injection In org.apache.spark:spark-core_2.11
8.1
High
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.11
FLAT-922H5 (CVE-2017-12612)
Insecure deserialization In org.apache.spark:spark-core_2.10
5.9
Medium
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.10
FLAT-KLW5B (CVE-2017-7678)
Reflected cross-site scripting (XSS) In org.apache.spark:spark-core_2.10
1.3
Low
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.10
FLAT-TYNBD (CVE-2018-11770)
Improper authorization control for web services In org.apache.spark:spark-core_2.10
0.6
Low
Ecosystem: Maven
Package: org.apache.spark:spark-core_2.10