Skip to content

[Snyk] Upgrade org.apache.spark:spark-sql_2.12 from 3.3.0 to 3.5.0#2

Open
pingxieTG wants to merge 1 commit into
masterfrom
snyk-upgrade-0143356048d896fbed3ef1ce0f72391e
Open

[Snyk] Upgrade org.apache.spark:spark-sql_2.12 from 3.3.0 to 3.5.0#2
pingxieTG wants to merge 1 commit into
masterfrom
snyk-upgrade-0143356048d896fbed3ef1ce0f72391e

Conversation

@pingxieTG

Copy link
Copy Markdown
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade org.apache.spark:spark-sql_2.12 from 3.3.0 to 3.5.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released 4 months ago, on 2023-09-09.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Integer Overflow
SNYK-JAVA-COMGOOGLEPROTOBUF-173761
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMGOOGLEPROTOBUF-2331703
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Improper Handling of Length Parameter Inconsistency
SNYK-JAVA-ORGECLIPSEJETTY-5902998
654/1000
Why? Has a fix available, CVSS 8.8
Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-ORGECLIPSEJETTY-5426159
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Improper Input Validation
SNYK-JAVA-ORGECLIPSEJETTY-2945452
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Information Exposure
SNYK-JAVA-ORGECLIPSEJETTY-5426161
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit
Information Exposure
SNYK-JAVA-ORGECLIPSEJETTY-5426160
654/1000
Why? Has a fix available, CVSS 8.8
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants