Lucene search
China National Vulnerability DatabaseCNVD-2022-74075HistoryNov 03, 2022 - 12:00 a.m.
Apache Spark Injection Vulnerability
2022-11-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
21
apache spark
injection vulnerability
arbitrary execution
javascript
data processing
acyclic streaming
in-memory computing
EPSS
0.001
Percentile
30.3%
Apache Spark, a large-scale data processing engine from the Apache Foundation that supports acyclic data streaming and in-memory computing, is vulnerable to injection. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in a user’s web browser.
Related
redhatcve
redhatcve
CVE-2022-31777
2022-11-23 16:56:13
prion
prion
Cross site scripting
2022-11-01 16:15:00
osv
osv
Apache Spark vulnerable to Log Injection
2022-11-01 19:00:29
BIT-spark-2022-31777
2024-03-06 11:05:38
CVE-2022-31777
2022-11-01 16:15:13
veracode
veracode
Cross-site Scripting (XSS)
2022-11-02 02:13:04
ibm
ibm
nessus
nessus
Apache Spark < 3.2.2 / 3.3.0 < 3.3.1 XSS (CVE-2022-31777)
2023-10-04 00:00:00
Oracle Business Intelligence Enterprise Edition (OAS) (July 2023 CPU)
2023-07-21 00:00:00
cve
cve
CVE-2022-31777
2022-11-01 16:15:13
github
github
Apache Spark vulnerable to Log Injection
2022-11-01 19:00:29
cvelist
cvelist
CVE-2022-31777 Apache Spark XSS vulnerability in log viewer UI Javascript
2022-11-01 00:00:00
nvd
nvd
CVE-2022-31777
2022-11-01 16:15:13
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00