Apache Zeppelin vulnerabilities
22 known vulnerabilities affecting apache/zeppelin.
Total CVEs
22
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH4MEDIUM15
Vulnerabilities
Page 2 of 2
CVE-2018-1317HIGHCVSS 8.8fixed in 0.8.02019-04-23
CVE-2018-1317 [HIGH] CWE-287 CVE-2018-1317: In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.
nvd
CVE-2018-1328MEDIUMCVSS 6.1fixed in 0.8.02019-04-23
CVE-2018-1328 [MEDIUM] CWE-79 CVE-2018-1328: Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna
Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph".
nvd
← Previous2 / 2