Apache Zeppelin: LDAP search filter query Injection Vulnerability
CVE-2024-31867
6.5MEDIUM
What is CVE-2024-31867?
Improper Input Validation vulnerability in Apache Zeppelin.
The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1.
Users are recommended to upgrade to version 0.11.1, which fixes the issue.
Affected Version(s)
Apache Zeppelin 0.8.2 < 0.11.1