org.apache.zeppelin:zeppelin-interpreter (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.zeppelin:zeppelin-interpreter, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2024-31866 — CVSS 9.8 (critical): Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by…
CVE-2024-41169 — CVSS 7.5 (high): The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server's resources, including directories…
CVE-2024-31868 — CVSS 6.1 (medium): Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can modify helium.json and exposure XSS attacks to…