CVE-2024-23945 | Apache Spark up to 3.3.3/3.4.1/3.5.0 Signed Cookie information exposure

Inserito da Angelo Barbosa | Dic 23, 2024 | CVE

A vulnerability has been found in Apache Spark up to 3.3.3/3.4.1/3.5.0 and classified as problematic. This vulnerability affects unknown code of the component Signed Cookie Handler. The manipulation leads to information exposure through error message.

This vulnerability was named CVE-2024-23945. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23945 | Apache Spark up to 3.3.3/3.4.1/3.5.0 Signed Cookie information exposure

Post correlati

CVE-2024-38821 | Vmware Spring Security up to 6.3.3 WebFlux improper authorization

CVE-2023-36391 | Microsoft Windows 11 23H2 Local Security Authority Subsystem Service Local Privilege Escalation

CVE-2024-1680 | Premium Addons for Elementor Plugin up to 4.10.21 on WordPress cross site scripting

CVE-2021-47150 | Linux Kernel up to 4.19.192/5.4.123/5.10.41/5.12.8 fec_enet_init memory leak