VYPR

Maven package

org.apache.spark/spark-core

pkg:maven/org.apache.spark/spark-core

Vulnerabilities (1)

  • CVE-2021-38296Mar 10, 2022
    affected < 3.1.3fixed 3.1.3

    Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive a