CVE-2018-9159

MEDIUM

Spark < 2.7.2 - Path Traversal

Title source: rule

Description

In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.

Exploits (4)

nomisec WORKING POC

by dawetmaster · poc

https://github.com/dawetmaster/CVE-2018-9159-perwendel-spark-vulnerable

View Code ZIP pw:eip

nomisec WORKING POC

by andikahilmy · poc

https://github.com/andikahilmy/CVE-2018-9159-perwendel-spark-vulnerable

View Code ZIP pw:eip

nomisec WRITEUP

by shoucheng3 · poc

https://github.com/shoucheng3/perwendel__spark_CVE-2018-9159_2_7_2_fixed

View Code ZIP pw:eip

nomisec WRITEUP

by shoucheng3 · poc

https://github.com/shoucheng3/perwendel__spark_CVE-2018-9159_2-7-1

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://sparkjava.com/news#spark-272-released

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2020

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2405

[Patch, Third Party Advisory] https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668

[Patch, Third Party Advisory] https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd

[Patch, Third Party Advisory] https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc

[Issue Tracking, Third Party Advisory] https://github.com/perwendel/spark/issues/981

Scores

CVSS v3 5.3

EPSS 0.0106

EPSS Percentile 77.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-22

Status published

Products (2)

com.sparkjava/spark-core 0 - 2.7.2Maven

sparkjava/spark < 2.7.2

Published Mar 31, 2018

Tracked Since Feb 18, 2026