263 matches found
CVE-2017-12619
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone"...
CVE-2017-12619
CVE-2017-12619 affects Apache Zeppelin prior to 0.7.3, where a session fixation flaw could allow an attacker to hijack a valid user session. The issue is documented across multiple sources (NVD entry for CVE-2017-12619 and OSV/GHSA advisories) and is commonly described as a session fixation vulne...
Information Leakage
Apache Zeppelin Zengine is vulnerable to sensitive information leakage. Sensitive information is logged or printed out from Authentication.java when the system data leaves the program through an output stream or logger...