Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1317 | 1 Apache | 1 Zeppelin | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication. | |||||
| CVE-2017-12619 | 1 Apache | 1 Zeppelin | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone". | |||||