VYPR

apk package

chainguard/spark-3.5-scala-2.13-compat

pkg:apk/chainguard/spark-3.5-scala-2.13-compat

Vulnerabilities (23)

  • CVE-2019-10172Nov 18, 2019
    affected < 0fixed 0

    A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.

  • CVE-2019-10202Oct 1, 2019
    affected < 3.5.5-r0fixed 3.5.5-r0

    A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by impleme

  • CVE-2018-1330HigSep 13, 2018
    affected < 3.5.7-r2fixed 3.5.7-r2

    When parsing a malformed JSON payload, libprocess in Apache Mesos versions 1.4.0 to 1.5.0 might crash due to an uncaught exception. Parsing chunked HTTP requests with trailers can lead to a libprocess crash too because of the mistakenly planted assertion. A malicious actor can th

Page 2 of 2