Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-70120
HistorySep 03, 2021 - 12:00 a.m.

Apache Zeppelin Command Injection Vulnerability

2021-09-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
4

0.02 Low

EPSS

Percentile

89.0%

Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation. The application supports interactive data analysis and collaborative documentation. Apache Zeppelin 0.9.0 and earlier versions contain a command injection vulnerability that could be exploited by an attacker to inject system commands into Spark interpreter settings.

CPENameOperatorVersion
apache apache zeppelinle0.9.0

0.02 Low

EPSS

Percentile

89.0%