Lucene search
ApacheCVELIST:CVE-2019-10095HistorySep 02, 2021 - 12:00 a.m.
CVE-2019-10095 bash command injection in spark interpreter
2021-09-0200:00:00
apache
www.cve.org
0.02 Low
EPSS
Percentile
89.0%
bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache Zeppelin",
"versions": [
{
"version": "Apache Zeppelin",
"status": "affected",
"lessThanOrEqual": "0.9.0",
"versionType": "custom"
}
]
}
]References
www.openwall.com/lists/oss-security/2021/09/02/1
lists.apache.org/thread.html/rd56389ba9cab30a6c976b9a4a6df0f85cbe8fba6a60a3cf6e3ba716b%40%3Cusers.zeppelin.apache.org%3E
lists.apache.org/thread.html/rdf06e8423833b3daadc30c56a2ff47c48920864d5199476daa897208%40%3Cannounce.apache.org%3E
lists.apache.org/thread.html/rdf06e8423833b3daadc30c56a2ff47c48920864d5199476daa897208%40%3Cusers.zeppelin.apache.org%3E
security.gentoo.org/glsa/202311-04
Related
cnvd
cnvd
Apache Zeppelin Command Injection Vulnerability
2021-09-03 00:00:00
osv
osv
Bash command injection in Apache Zeppelin
2021-09-07 22:56:43
CVE-2019-10095
2021-09-02 17:15:07
cve
cve
CVE-2019-10095
2021-09-02 17:15:07
prion
prion
Command injection
2021-09-02 17:15:00
nvd
nvd
CVE-2019-10095
2021-09-02 17:15:07
veracode
veracode
OS Command Injection
2021-09-03 02:34:56
github
github
Bash command injection in Apache Zeppelin
2021-09-07 22:56:43
gentoo
gentoo
Zeppelin: Multiple Vulnerabilities
2023-11-24 00:00:00
nessus
nessus
GLSA-202311-04 : Zeppelin: Multiple Vulnerabilities
2023-11-24 00:00:00