Lucene search

K
cvelistApacheCVELIST:CVE-2019-10095
HistorySep 02, 2021 - 12:00 a.m.

CVE-2019-10095 bash command injection in spark interpreter

2021-09-0200:00:00
apache
www.cve.org

0.02 Low

EPSS

Percentile

89.0%

bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

CNA Affected

[
  {
    "vendor": "Apache Software Foundation",
    "product": "Apache Zeppelin",
    "versions": [
      {
        "version": "Apache Zeppelin",
        "status": "affected",
        "lessThanOrEqual": "0.9.0",
        "versionType": "custom"
      }
    ]
  }
]

0.02 Low

EPSS

Percentile

89.0%