VYPR

apk package

chainguard/spark-3.5.0-compat-minimal

pkg:apk/chainguard/spark-3.5.0-compat-minimal

Vulnerabilities (4)

  • CVE-2024-24549Mar 13, 2024
    affected < 3.5.0-r4fixed 3.5.0-r4

    Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers ha

  • CVE-2023-46589Nov 28, 2023
    affected < 3.5.0-r4fixed 3.5.0-r4

    Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header si

  • CVE-2023-1370Mar 13, 2023
    affected < 0fixed 0

    [Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting o

  • CVE-2021-31684Jun 1, 2021
    affected < 0fixed 0

    A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.