Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph".
Max CVSS: 6.1 | EPSS Score: 0.31% | Published: 2019-04-23 | Updated: 2019-04-24
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.
Max CVSS: 8.8 | EPSS Score: 0.25% | Published: 2019-04-23 | Updated: 2019-04-30
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
Max CVSS: 8.1 | EPSS Score: 0.28% | Published: 2019-04-23 | Updated: 2019-04-30
3 vulnerabilities found