Apache Zeppelin Vulnerabilities

Apache Zeppelin: LDAP search filter query Injection Vulnerability

CVE-2024-31867

ApacheApache Zeppelin6.5MEDIUM

Apache Zeppelin: XSS vulnerability in the helium module

CVE-2024-31868

ApacheApache Zeppelin

Apache Zeppelin: Interpreter download command does not escape malicious code injection

CVE-2024-31866

ApacheApache Zeppelin9.8CRITICAL

Apache Zeppelin: Cron arbitrary user impersonation with improper privileges

CVE-2024-31865

ApacheApache Zeppelin6.5MEDIUM

Apache Zeppelin: Remote code execution by adding malicious JDBC connection string

CVE-2024-31864

ApacheApache Zeppelin9.8CRITICAL

Authentication Bypass by Spoofing vulnerability in Apache Zeppelin

CVE-2024-31863

ApacheApache Zeppelin5.3MEDIUM

Improper Input Validation vulnerability in Apache Zeppelin

CVE-2024-31862

ApacheApache Zeppelin5.3MEDIUM

Improper Input Validation Vulnerability Affects Apache Zeppelin SAP

CVE-2022-47894

ApacheApache Zeppelin SAP5.3MEDIUM

Apache Zeppelin CSRF Vulnerability Allows Malicious Request Submission

CVE-2021-28656

ApacheApache Zeppelin5.4MEDIUM

Attackers Can Access Contents of Files on Server with Improper Input Validation Vulnerability in Apache Zeppelin

CVE-2024-31860

ApacheApache Zeppelin6.5MEDIUM

Apache Zeppelin: Stored XSS in note permissions

CVE-2022-46870

ApacheApache Zeppelin5.4MEDIUM

Apache Zeppelin: Arbitrary file deletion vulnerability

CVE-2021-28655

ApacheApache Zeppelin6.5MEDIUM

Notebook permissions bypass

CVE-2020-13929

ApacheApache Zeppelin7.5HIGH

Cross Site Scripting in markdown interpreter

CVE-2021-27578

ApacheApache Zeppelin6.1MEDIUM

bash command injection in spark interpreter

CVE-2019-10095

ApacheApache Zeppelin9.8CRITICAL

Stored XSS Vulnerability in Apache Zeppelin Affecting Version Prior to 0.8.0

CVE-2018-1328

ApacheApache Zeppelin6.1MEDIUM

Remote Code Execution in Apache Zeppelin before 0.8.0

CVE-2018-1317

ApacheApache Zeppelin8.8HIGH

Session Fixation Vulnerability in Apache Zeppelin by Apache

CVE-2017-12619

ApacheApache Zeppelin8.1HIGH

Apache Zeppelin Vulnerabilities

Vulnerability Published:

Sort By:

9 April 2024

Apache Zeppelin: LDAP search filter query Injection Vulnerability

Apache Zeppelin: XSS vulnerability in the helium module

Apache Zeppelin: Interpreter download command does not escape malicious code injection

Apache Zeppelin: Cron arbitrary user impersonation with improper privileges

Apache Zeppelin: Remote code execution by adding malicious JDBC connection string

Authentication Bypass by Spoofing vulnerability in Apache Zeppelin

Improper Input Validation vulnerability in Apache Zeppelin

Improper Input Validation Vulnerability Affects Apache Zeppelin SAP

Apache Zeppelin CSRF Vulnerability Allows Malicious Request Submission

Attackers Can Access Contents of Files on Server with Improper Input Validation Vulnerability in Apache Zeppelin

16 December 2022

Apache Zeppelin: Stored XSS in note permissions

Apache Zeppelin: Arbitrary file deletion vulnerability

2 September 2021

Notebook permissions bypass

Cross Site Scripting in markdown interpreter

bash command injection in spark interpreter

23 April 2019

Stored XSS Vulnerability in Apache Zeppelin Affecting Version Prior to 0.8.0

Remote Code Execution in Apache Zeppelin before 0.8.0

Session Fixation Vulnerability in Apache Zeppelin by Apache