VDB

CVE-2025-55039

CVE-2025-55039 PUBLISHED CVSS 4.599999904632568 MEDIUM

Apache Spark has Inadequate Encryption Strength

EPSS 0.10% · 27.1th percentile

Risk Scores

CVSS 4.0
4.599999904632568
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
EPSS Score
0.10%
27.1th percentile

Affected Products

VendorProductVersions
Apache Software FoundationApache Spark3.5.0, 0
apachespark0, 3.5.0
Apache Software FoundationApache Spark0, 3.5.0
Mavenorg.apache.spark:spark-network-common_2.123.5.0, 0
Mavenorg.apache.spark:spark-network-common_2.133.5.0, 0

Timeline

  • CVE Published
  • Oct 14, 2025 PoC Published
  • Oct 14, 2025 PoC Published
  • Oct 15, 2025 EPSS Score
  • Oct 21, 2025 EPSS Score
  • Oct 27, 2025 EPSS Score
  • Nov 2, 2025 EPSS Score
  • Nov 8, 2025 EPSS Score
  • Nov 15, 2025 EPSS Score
  • Nov 21, 2025 EPSS Score
  • Nov 27, 2025 EPSS Score
  • Dec 3, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›