Maven package
org.apache.zeppelin/zeppelin-interpreter
pkg:maven/org.apache.zeppelin/zeppelin-interpreter
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41169 | — | >= 0.10.1, < 0.12.0 | 0.12.0 | Jul 12, 2025 | The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes t | ||
| CVE-2024-31868 | — | >= 0.8.2, < 0.11.1 | 0.11.1 | Apr 9, 2024 | Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes | ||
| CVE-2024-31866 | — | >= 0.8.2, < 0.11.1 | 0.11.1 | Apr 9, 2024 | Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recomm |
- CVE-2024-41169Jul 12, 2025affected >= 0.10.1, < 0.12.0fixed 0.12.0
The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories and files. This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0. Users are recommended to upgrade to version 0.12.0, which fixes t
- CVE-2024-31868Apr 9, 2024affected >= 0.8.2, < 0.11.1fixed 0.11.1
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to normal users. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes
- CVE-2024-31866Apr 9, 2024affected >= 0.8.2, < 0.11.1fixed 0.11.1
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recomm