VYPR

Maven package

org.apache.spark/spark-network-common_2.12

pkg:maven/org.apache.spark/spark-network-common_2.12

Vulnerabilities (1)

  • CVE-2025-55039Oct 15, 2025
    affected < 3.4.4fixed 3.4.4

    This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default network encryption cipher for RPC communication between nodes. When spark.network.crypto.enabled is set to true (it is set to f