Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceSUSE-SU-2018:2689-1

SUSE-SU-2018:2689-1

MEDIUM5.3

Security update for spark

Published Sep 11, 2018

Modified 7 years ago

Fix available

Details

Description of the patch:

This update for spark fixes the following security issue:

CVE-2018-9159: Fix a security problem in the serving of static files. (bsc#1087837)

Affected Packages

spark

SUSE Manager Server 3.1

Fixed in:

2.3-3.3.1

References

https://bugzilla.suse.com/1087837

https://lists.suse.com/pipermail/sle-security-updates/2018-September/004554.html

https://www.suse.com/security/cve/CVE-2018-9159/

https://www.suse.com/support/security/rating/

https://www.suse.com/support/update/announcement/2018/suse-su-20182689-1/

CVSS Analysis

CVSS v3.0

5.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

LowC:L

Integrity

NoneI:N

Availability

NoneA:N

5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Upstream

Ecosystems

SUSE Manager Server 3.1

Timeline

PublishedSep 11, 2018

ModifiedSep 11, 2018

SUSE-SU-2018:2689-1 | Mondoo Vulnerability Intelligence