Lucene search
HistoryDec 16, 2022 - 1:15 p.m.
CVE-2021-28655
cve-2021-28655
input validation
apache zeppelin
arbitrary files
security vulnerability
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0.002
Percentile
53.1%
The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
Affected configurations
Node
apachezeppelinRange≤0.9.0
Related
osv
osv
Apache Zeppelin Improper Input Validation vulnerability
2023-07-06 19:24:05
CVE-2021-28655
2022-12-16 13:15:08
cvelist
cvelist
CVE-2021-28655 Apache Zeppelin: Arbitrary file deletion vulnerability
2022-12-16 12:51:51
prion
prion
Input validation
2022-12-16 13:15:00
github
github
Apache Zeppelin Improper Input Validation vulnerability
2023-07-06 19:24:05
veracode
veracode
Arbitrary File Deletion
2022-12-19 01:14:46
cnvd
cnvd
Apache Zeppelin input validation error vulnerability
2022-12-20 00:00:00
cve
cve
CVE-2021-28655
2022-12-16 13:15:08
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0.002
Percentile
53.1%
Related for NVD:CVE-2021-28655