Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-12619 | 5.8 |
Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".
|
30-04-2019 - 14:54 | 23-04-2019 - 15:29 | |
CVE-2018-1317 | 6.5 |
In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.
|
30-04-2019 - 14:48 | 23-04-2019 - 15:29 | |
CVE-2018-1328 | 4.3 |
Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph".
|
24-04-2019 - 13:49 | 23-04-2019 - 15:29 |