Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2024-04-09T16:07:36.358Z

Updated: 2024-08-02T01:59:49.913Z

Reserved: 2024-04-06T11:50:47.384Z

Link: CVE-2024-31865

cve-icon Vulnrichment

Updated: 2024-04-22T18:48:29.121Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-09T16:15:08.213

Modified: 2024-11-21T09:14:02.953

Link: CVE-2024-31865

cve-icon Redhat

No data.