Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

helm

cloudnativeapp/zeppelin

helm

Web-based notebook that enables data-driven, interactive data analytics and collaborative documents with SQL, Scala and more.

View on github.com · View on artifacthub.io

Security Advisories for cloudnativeapp/zeppelin in helm

Potential
Moderate
7 months ago

Apache Zeppelin: XSS in the Helium module GSA_kwCzR0hTQS1wMjg4LTQ1OXctanhqNs4ABKvh

maven org.apache.zeppelin:zeppelin-web
Potential
Moderate
7 months ago

Apache Zeppelin: Missing Origin Validation in WebSockets vulnerability GSA_kwCzR0hTQS14ZzhqLWo2dnAtNmg1d84ABKvf

maven org.apache.zeppelin:zeppelin-shell
Potential
Moderate
7 months ago

Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string GSA_kwCzR0hTQS1qcjQzLXE5MnEtNXE4Ms4ABKvg

maven org.apache.zeppelin:zeppelin-jdbc
Potential
High
8 months ago

Apache Zeppelin exposes server resources to unauthenticated attackers GSA_kwCzR0hTQS03cGdmLXBweHctODYyNM4ABKE_

maven org.apache.zeppelin:zeppelin-server, org.apache.zeppelin:zeppelin-interpreter
Potential
Moderate
almost 2 years ago

Code injection in Apache Zeppelin Shell GSA_kwCzR0hTQS04cGZqLXc4OXctbTI0eM4AA67A

maven org.apache.zeppelin:zeppelin-shell
Potential
Moderate
almost 2 years ago

Apache Zeppelin: LDAP search filter query Injection Vulnerability GSA_kwCzR0hTQS1xbXIzLTUyeGYtd21oeM4AA6yr

maven org.apache.zeppelin:zeppelin-server
Potential
Moderate
almost 2 years ago

Apache Zeppelin vulnerable to cross-site scripting in the helium module GSA_kwCzR0hTQS1ycnZmLTV3NHItM3g3ds4AA6wc

maven org.apache.zeppelin:zeppelin-interpreter
Potential
Moderate
almost 2 years ago

Apache Zeppelin: Cron arbitrary user impersonation with improper privileges GSA_kwCzR0hTQS1nNDRtLXg1aDctZnI1cc4AA6wa

maven org.apache.zeppelin:zeppelin-server
Potential
Critical
almost 2 years ago

Apache Zeppelin remote code execution by adding malicious JDBC connection string GSA_kwCzR0hTQS02Nmo4LWM4M20tZ2o1Zs4AA6wb

maven org.apache.zeppelin:zeppelin-jdbc
Potential
Critical
almost 2 years ago

Improper escaping in Apache Zeppelin GSA_kwCzR0hTQS04Nmp4LXdyNzQteHI3NM4AA6wZ

maven org.apache.zeppelin:zeppelin-interpreter
Potential
Moderate
almost 2 years ago

Apache Zeppelin: Denial of service with invalid notebook name GSA_kwCzR0hTQS02NjIzLWM2bXItNjczN84AA6vz

maven org.apache.zeppelin:zeppelin-server
Potential
Moderate
almost 2 years ago

Apache Zeppelin: Replacing other users notebook, bypassing any permissions GSA_kwCzR0hTQS1tNjVjLXdtdzktdm1wcM4AA6v0

maven org.apache.zeppelin:zeppelin-server
Potential
Moderate
almost 2 years ago

Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE GSA_kwCzR0hTQS1ycjU5LWg2cmgtdjg0ds4AA6vw

maven org.apache.zeppelin:sap
Potential
Moderate
almost 2 years ago

Apache Zeppelin Path Traversal vulnerability GSA_kwCzR0hTQS1nNjRyLXhmMzktcTRwNc4AA6vv

maven org.apache.zeppelin:zeppelin-server

Filter by Severity

Moderate 11 Critical 2 High 1