CVE-2018-1317
CVE-2018-1317 affects Apache Zeppelin prior to 0.8.0, where the cron scheduler was enabled by default. This could allow users to run paragraphs as other users without authentication, constituting an authentication bypass. The documented remediation is to upgrade to Zeppelin 0.8.0 or later, which ...