Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/08/05 10:25 a.m.11 views

CVE-2024-52279

Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue...

9.8CVSS9.3AI score0.01257EPSS
Exploits0References1
Circl
Circl
added 2025/08/03 2:3 p.m.15 views

CVE-2024-52279

creationtimestamp| type| source ---|---|--- 2025-08-03 14:03:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvittswm732d 2025-08-03 15:52:05+00:00| seen| https://seclists.org/oss-sec/2025/q3/72 2025-08-03 18:22:49+00:00| seen|...

7.5CVSS5.3AI score0.00921EPSS
Exploits0References3
NVD
NVD
added 2025/08/03 10:15 a.m.5 views

CVE-2024-52279

Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue...

7.5CVSS0.01257EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/03 10:2 a.m.12 views

CVE-2024-52279 Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string

Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue...

0.00921EPSS
Exploits0References4
OSV
OSV
added 2025/08/03 10:2 a.m.4 views

CVE-2024-52279 Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string

Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes the issue...

7.5CVSS7.2AI score0.01257EPSS
Exploits0References8
CVE
CVE
added 2025/08/03 10:2 a.m.26 views

CVE-2024-52279

CVE-2024-52279 affects Apache Zeppelin (0.11.1 before 0.12.0). The issue is an improper input validation in the JDBC URL handling that did not account for URL-encoded input, enabling an attack via a malicious JDBC connection string and potentially leading to arbitrary file read. The evidence link...

7.5CVSS9.4AI score0.01257EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder