Lucene search
China National Vulnerability DatabaseCNVD-2021-70120HistorySep 03, 2021 - 12:00 a.m.
Apache Zeppelin Command Injection Vulnerability
2021-09-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.02 Low
EPSS
Percentile
89.0%
Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation. The application supports interactive data analysis and collaborative documentation. Apache Zeppelin 0.9.0 and earlier versions contain a command injection vulnerability that could be exploited by an attacker to inject system commands into Spark interpreter settings.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache apache zeppelin | le | 0.9.0 |
Related
prion
prion
Command injection
2021-09-02 17:15:00
cve
cve
CVE-2019-10095
2021-09-02 17:15:07
cvelist
cvelist
CVE-2019-10095 bash command injection in spark interpreter
2021-09-02 00:00:00
osv
osv
Bash command injection in Apache Zeppelin
2021-09-07 22:56:43
CVE-2019-10095
2021-09-02 17:15:07
veracode
veracode
OS Command Injection
2021-09-03 02:34:56
github
github
Bash command injection in Apache Zeppelin
2021-09-07 22:56:43
nvd
nvd
CVE-2019-10095
2021-09-02 17:15:07
nessus
nessus
GLSA-202311-04 : Zeppelin: Multiple Vulnerabilities
2023-11-24 00:00:00
gentoo
gentoo
Zeppelin: Multiple Vulnerabilities
2023-11-24 00:00:00