2 matches found
OS Command Injection
zeppelin-zengine is vulnerable to OS command injection. An attacker is able to inject bash commands into Spark interpreter settings...
PT-2021-8864 · Apache · Apache Zeppelin
Name of the Vulnerable Software and Affected Versions: Apache Zeppelin versions 0.9.0 and prior versions Description: A bash command injection issue in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. Recommendations: For Apache Zeppelin versions 0.9.0...