VYPR
Moderate severity · NVD Advisory · Published Aug 3, 2025 · Updated Nov 4, 2025

Apache Zeppelin: XSS in the Helium module

CVE-2024-41177

Description

Incomplete Blacklist to Cross-Site Scripting vulnerability in Apache Zeppelin.

This issue affects Apache Zeppelin: before 0.12.0.

Users are recommended to upgrade to version 0.12.0, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Apache Zeppelin before 0.12.0 contains an incomplete blacklist allowing XSS via crafted input in the Helium module.

Vulnerability

Description

Apache Zeppelin before version 0.12.0 is affected by an incomplete blacklist (CWE-184) in the Helium module, leading to a stored cross-site scripting (XSS) issue [1][3]. The root cause is insufficient sanitization of user-supplied input, specifically when Helium descriptions are rendered as HTML in the frontend [2]. The blacklist meant to block dangerous markup was incomplete, so input that avoided the listed patterns was still parsed by the browser as HTML, allowing an attacker to inject arbitrary JavaScript.

Exploitation

Exploitation requires an authenticated user to craft a malicious Helium package description, or similar input, that avoids the patterns on the incomplete blacklist [4]. When the Zeppelin web interface renders that description (for example, when a user opens the Helium modal dialog), the embedded script executes in the victim's browser with the victim's Zeppelin session. The vulnerability is reachable through the normal frontend; no special network position is required beyond access to the Zeppelin notebook server, and because the payload is stored, the attacker does not need to interact with the victim directly.

Impact

An attacker can execute arbitrary JavaScript in the browser of any user who views the crafted input, leading to session hijacking, theft of sensitive data, or defacement of the Zeppelin interface [1][4]. The flaw itself sits in the web application layer, but its consequences need not stay there: a script running with the victim's session can call the same notebook APIs the UI uses, so it can read notebooks and any credentials or API tokens the browser holds and, because Zeppelin executes notebook paragraphs through its interpreters, submit code for execution with the victim's privileges.

Mitigation

Apache fixed the issue in Zeppelin 0.12.0 by escaping the affected text before it is shown in the modal [1] and by removing HTML rendering of Helium descriptions from the frontend [2]. Users are strongly recommended to upgrade to version 0.12.0 or later [3][4]. No workarounds have been published for earlier versions.
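The pattern behind the Description, Exploitation and Mitigation sections above, shown as an added example that is not code from Apache Zeppelin or from this advisory: a deliberately incomplete blacklist of the CWE-184 kind, a payload that avoids everything on it, and the escaping approach the fix took. The filter, the two render helpers, the isInert check and the package description are hypothetical stand-ins; Zeppelin's real Helium code is not reproduced here.

```javascript
// Added illustration, not code from Apache Zeppelin or from this advisory:
// why a tag/character blacklist (CWE-184) fails to stop XSS in text that is
// later rendered as HTML, and why escaping before display fixes it. The
// filter, the render helpers and the package description are hypothetical.

// A deliberately incomplete blacklist: it strips <script> elements and the
// string "javascript:" and nothing else.
function incompleteBlacklist(input) {
  return String(input)
    .replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, '')
    .replace(/javascript:/gi, '');
}

// Escape the characters that open or close markup in HTML text and
// attribute context; the browser then shows the description verbatim.
function escapeHtml(input) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(input).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: filter with the blacklist, then hand the result to the
// page as HTML (innerHTML, ng-bind-html or similar).
function renderDescriptionVulnerable(description) {
  return incompleteBlacklist(description);
}

// Fixed pattern: escape, so whatever the attacker wrote arrives as text.
function renderDescriptionFixed(description) {
  return escapeHtml(description);
}

// A rendered description is inert if it contains no tag delimiters at all.
// Searching for "onerror" or "<script" instead would just be another
// blacklist and would miss the next bypass.
function isInert(rendered) {
  return !/[<>]/.test(rendered);
}

// Constructed payload: no <script> and no "javascript:", so the blacklist
// passes it untouched, but the element's onerror handler runs on load.
const PAYLOAD = '<img src=x onerror="alert(document.cookie)"> Fancy visualization';

function demo() {
  const vulnerable = renderDescriptionVulnerable(PAYLOAD);
  const fixed = renderDescriptionFixed(PAYLOAD);
  return {
    vulnerable,
    vulnerableInert: isInert(vulnerable), // false: payload survives the filter
    fixed,
    fixedInert: isInert(fixed),           // true: only entities remain
  };
}

console.log(demo());
```

The point of isInert is that the fixed output still contains the literal text `onerror=`; what matters is that no `<` or `>` survives to start an element, which is exactly what escaping before the modal display guarantees and what a longer blacklist never can.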

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                                    Affected versions   Patched versions
org.apache.zeppelin:zeppelin-web (Maven)   < 0.12.0            0.12.0
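A check a practitioner can run against the affected range in the table above, as an added example that is not part of the advisory or of Zeppelin. It assumes the deployment answers Zeppelin's GET /api/version with a JSON document whose body.version field holds the version string; the field names are an assumption to confirm against your own server, and the sample response below is constructed, not captured.

```javascript
// Added check, not part of the advisory or of Zeppelin: decide from a
// version string whether a deployment falls in the affected range
// "< 0.12.0". The response shape is an assumption about GET /api/version
// (body.version); the SAMPLE below is constructed for the example.

const FIXED_VERSION = '0.12.0';

// Parse "0.11.2", "0.12.0-SNAPSHOT" or "0.10.1-rc1" into numeric parts,
// dropping any pre-release suffix. Unparseable input throws rather than
// silently comparing as "0".
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unrecognised version string: ${v}`);
  return m.slice(1, 4).map(Number);
}

function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Pre-release builds of 0.12.0 (e.g. 0.12.0-SNAPSHOT) are treated as
// affected: only the released 0.12.0 is known to carry the fix.
function isAffected(version) {
  if (compareVersions(version, FIXED_VERSION) < 0) return true;
  return /^0\.12\.0-/.test(String(version).trim());
}

// Take the JSON body returned by the version endpoint and report a verdict.
function assessVersionResponse(json) {
  const doc = JSON.parse(json);
  const version = doc && doc.body && doc.body.version;
  if (typeof version !== 'string') throw new Error('no body.version in response');
  return { version, affected: isAffected(version) };
}

// Constructed sample response (not captured from a real server).
const SAMPLE = JSON.stringify({
  status: 'OK',
  message: 'Zeppelin version',
  body: { version: '0.11.2' },
});

console.log(assessVersionResponse(SAMPLE));
```

Feed the function the body of an actual response (for example from `curl -s http://zeppelin-host:8080/api/version`) once you have confirmed the field layout; the conservative treatment of snapshot builds avoids marking a pre-release 0.12.0 as fixed.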

Affected products (2)

  • Apache/Zeppelin [llm-fuzzy]
    Range: <0.12.0
  • Apache Software Foundation/Apache Zeppelin [v5]
    Range: 0

Patches (1)

The one commit linked below (sourced via OSV) touches only a contributor doc, the Docker build script and its conda environment file. None of the changed files belong to the Helium frontend, so this commit is not the escaping fix described under Mitigation and should not be used to verify that the fix is present in a build.
9e0fcc7b8ea4

[MINOR] Fix Dockerfile

https://github.com/apache/zeppelin · Jongyoul Lee · Feb 8, 2025 · via osv
3 files changed · +7 −5
  • docs/development/contribution/how_to_contribute_code.md  +2 −2  modified
    @@ -54,10 +54,10 @@ Get the source code on your development machine using git.
     git clone git://gitbox.apache.org/repos/asf/zeppelin.git zeppelin
     ```
     
    -You may also want to develop against a specific branch. For example, for branch-0.11.0
    +You may also want to develop against a specific branch. For example, for branch-0.12
     
     ```bash
    -git clone -b branch-0.11.0 git://gitbox.apache.org/repos/asf/zeppelin.git zeppelin
    +git clone -b branch-0.12 git://gitbox.apache.org/repos/asf/zeppelin.git zeppelin
     ```
     
     Apache Zeppelin follows [Fork & Pull](https://github.com/sevntu-checkstyle/sevntu.checkstyle/wiki/Development-workflow-with-Git:-Fork,-Branching,-Commits,-and-Pull-Request) as a source control workflow.
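Review bot: the branch-name change in this doc hunk is not reflected in the commit message ([MINOR] Fix Dockerfile); mention the doc update there or split it into its own commit. The naming scheme also shifts from a three-part name (branch-0.11.0) to a two-part one (branch-0.12), so confirm that branch-0.12 is the real branch name before pointing contributors at `git clone -b branch-0.12 git://gitbox.apache.org/repos/asf/zeppelin.git zeppelin`.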
    
  • scripts/docker/zeppelin/bin/Dockerfile  +4 −1  modified
    @@ -51,8 +51,11 @@ RUN set -ex && \
         export PATH=/opt/conda/bin:$PATH && \
         conda config --set always_yes yes --set changeps1 no && \
         conda info -a && \
    +    conda config --remove channels defaults && \
    +    conda config --add channels conda-forge && \
    +    conda config --set channel_priority strict && \
         conda install mamba -c conda-forge && \
    -    mamba env update -f /env_python_3_with_R.yml --prune && \
    +    mamba env create -f /env_python_3_with_R.yml -c conda-forge && \
         # Cleanup
         rm -v miniconda.sh anaconda.sha256  && \
         # Cleanup based on https://github.com/ContinuumIO/docker-images/commit/cac3352bf21a26fa0b97925b578fb24a0fe8c383
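Review bot: `conda config --remove channels defaults` fails with a CondaKeyError when `defaults` is not explicitly listed in a .condarc, which is the state of a fresh Miniconda install, and under `set -ex` that aborts the image build. Prefer declaring the channel policy in the environment file (a `nodefaults` entry under channels) together with `conda config --set channel_priority strict`, rather than removing a key that may not exist. Minor: the `-c conda-forge` on `mamba env create` duplicates the channel the yml already lists.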
    
  • scripts/docker/zeppelin/bin/env_python_3_with_R.yml  +1 −2  modified
    @@ -1,9 +1,8 @@
     name: python_3_with_R
     channels:
       - conda-forge
    -  - defaults
     dependencies:
    -  - python=3.7
    +  - python=3.9
       - pycodestyle
       - scipy
       - numpy=1.19.5
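Review bot: dropping `defaults` and moving to python=3.9 still leaves pycodestyle and scipy unpinned, so each build resolves whatever conda-forge serves that day and the image is not reproducible; pin them (or generate a lock file from this yml) alongside numpy=1.19.5. A `- nodefaults` entry under channels would also make the file enforce the conda-forge-only policy on its own, instead of relying on the global `conda config` calls in the Dockerfile.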
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References (6)

News mentions (0)

No linked articles in our index yet.