Lucene search
China National Vulnerability DatabaseCNVD-2024-17934HistoryApr 11, 2024 - 12:00 a.m.
Apache Zeppelin Input Validation Error Vulnerability (CNVD-2024-17934)
2024-04-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
apache zeppelin
web-based
open source
apache foundation
interactive data analysis
collaborative documentation
input validation error
attacker
server account
file system
Apache Zeppelin is a Web-based open source laptop application from the Apache (USA) Foundation. The program supports interactive data analysis and collaborative documentation. Apache Zeppelin suffers from an input validation error vulnerability that can be exploited by an attacker to view a server account and access the contents of any file on the file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache zeppelin >=0.9.0, | lt | 0.11.0 |
Related
cvelist
cvelist
CVE-2024-31860 Apache Zeppelin: Path traversal vulnerability
2024-04-09 09:08:28
github
github
Apache Zeppelin Path Traversal vulnerability
2024-04-09 09:31:12
veracode
veracode
Path Traversal
2024-04-10 05:24:09
cve
cve
CVE-2024-31860
2024-04-09 09:15:26
nvd
nvd
CVE-2024-31860
2024-04-09 09:15:26
osv
osv
Apache Zeppelin Path Traversal vulnerability
2024-04-09 09:31:12