Zeppelin@0.9.0 Security Vulnerabilities and Issues — Zeppelin@0.9.0 CVE List

Lucene search

ApacheZeppelin0.9.0

5 matches found

CVE•added 2021/09/02 5:15 p.m.•87 views

CVE-2019-10095

bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

10CVSS9.7AI score0.03025EPSS

CVE•added 2021/09/02 5:15 p.m.•75 views

CVE-2020-13929

Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

7.5CVSS7.7AI score0.001EPSS

CVE•added 2024/04/09 9:15 a.m.•71 views

CVE-2024-31860

Improper Input Validation vulnerability in Apache Zeppelin. By adding relative path indicators(E.g ..), attackers can see the contents for any files in the filesystem that the server account can access. This issue affects Apache Zeppelin: from 0.9.0 before 0.11.0. Users are recommended to upgrade t...

6.5CVSS6.4AI score0.00547EPSS

CVE•added 2024/04/09 10:15 a.m.•53 views

CVE-2021-28656

Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an attacker to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

5.4CVSS5.4AI score0.01268EPSS

CVE•added 2022/12/16 1:15 p.m.•44 views

CVE-2021-28655

The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

6.5CVSS6.4AI score0.00043EPSS