VDB
CVE-2025-55039
CVE-2025-55039
PUBLISHED
CVSS 4.599999904632568 MEDIUM
Apache Spark has Inadequate Encryption Strength
EPSS 0.10% · 27.1th percentile
Risk Scores
CVSS 4.0
4.599999904632568
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
EPSS Score
0.10%
27.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Software Foundation | Apache Spark | 3.5.0, 0 |
| apache | spark | 0, 3.5.0 |
| Apache Software Foundation | Apache Spark | 0, 3.5.0 |
| Maven | org.apache.spark:spark-network-common_2.12 | 3.5.0, 0 |
| Maven | org.apache.spark:spark-network-common_2.13 | 3.5.0, 0 |
Timeline
- CVE Published
- Oct 14, 2025 PoC Published
- Oct 14, 2025 PoC Published
- Oct 15, 2025 EPSS Score
- Oct 21, 2025 EPSS Score
- Oct 27, 2025 EPSS Score
- Nov 2, 2025 EPSS Score
- Nov 8, 2025 EPSS Score
- Nov 15, 2025 EPSS Score
- Nov 21, 2025 EPSS Score
- Nov 27, 2025 EPSS Score
- Dec 3, 2025 EPSS Score