Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Specialized Software
  • Graphic Design

Graphic Design

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    12 May 2024 Specialized Software
    Apache Zeppelin: Helium.json File Manipulation Vulnerability

    In Apache Zeppelin versions from 0.8.2 before 0.11.1 an Improper Encoding or Escaping of Output vulnerability CVE-2024-31868 was detected. This vulnerability resides in the improper handling of encoding or escaping output, which enables attackers to manipulate the helium.json file, thereby launching cross-site scripting (XSS) attacks against unsuspecting users. Users are recommended to upgrade to version 0.11.1, which fixes the issue. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31868/.

    Read more
    Graphic Design
    9 May 2024 Specialized Software
    Apache Zeppelin: Exploitable LDAP Search Filter Configuration

    In Apache Zeppelin versions from 0.8.2 before 0.11.1 an Improper Input Validation vulnerability CVE-2024-31867 was detected. Attackers can exploit the system by tampering with LDAP search filter settings, allowing them to run harmful queries. The issue is resolved in Apache Zeppelin version 0.11.1. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31867/.

    Read more
    Graphic Design
    5 May 2024 Specialized Software
    Apache Zeppelin: Vulnerability Leaves Systems at Risk

    In Apache Zeppelin versions ranging from 0.8.2 before 0.11.1 there exists a vulnerability CVE-2024-31866 related to Improper Encoding or Escaping of Output. The attackers can execute shell scripts or malicious code by manipulating configurations such as ZEPPELIN_INTP_CLASSPATH_OVERRIDES, thereby gaining unauthorized access to execute potentially harmful actions. Users are recommended to upgrade to version 0.11.1, which fixes the issue. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31866/.

    Read more
    Graphic Design
    4 May 2024 Specialized Software
    Apache Zeppelin: Authentication Bypass by Spoofing

    Authentication Bypass by Spoofing vulnerability CVE-2024-31863 was detected in Apache Zeppelin versions from 0.10.1 before 0.11. It allows attackers to replace existing notes. It is strongly advised that users upgrade to version 0.11.0 to fix this issue. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31863.

    Read more
    Graphic Design
    4 May 2024 Specialized Software
    Apache Zeppelin: Flaw Exposes Users to Unauthorized Access

    in Apache Zeppelin versions from 0.8.2 before 0.11.1 an Improper Input Validation vulnerability CVE-2024-31865 was detected. Attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. Users are recommended to upgrade to version 0.11.1, which fixes the issue. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31865/.

    Read more
    Graphic Design
    3 May 2024 Specialized Software
    Apache Zeppelin: Injection of Sensitive Configuration or Malicious Code via MySQL JDBC Driver

    Improper Control of Code Generation (‘Code Injection’) vulnerability CVE-2024-31864 was detected in all versions of Apache Zeppelin before 0.11.1. This vulnerability allows attackers to inject sensitive configuration or malicious code when connecting MySQL database via Java Database Connectivity driver. The issue is resolved in version 0.11.1. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31864/.

    Read more
    Graphic Design
    2 May 2024 Specialized Software
    Apache Zeppelin: Improper Input Validation in Note Creation

    In Apache Zeppelin versions from 0.10.1 before 0.11.0 an Improper Input Validation vulnerability CVE-2024-31862 was detected, particularly when creating a new note through Zeppelin’s user interface. The issue is fixed in version 0.11.0. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31862.

    Read more
    Graphic Design
    1 May 2024 Specialized Software
    Apache Zeppelin: Shell Interpreter Vulnerability in Version 0.11.0

    In Apache Zeppelin versions from 0.10.1 before 0.11.1 an exploitable vulnerability CVE-2024-31861 known as “Improper Control of Generation of Code” (‘Code Injection’), was detected. It allows attackers to inject malicious code through the Shell interpreter, potentially leading to the unauthorized execution of commands. Users are recommended to upgrade to version 0.11.1, which doesn’t have Shell interpreter by default. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31861.

    Read more
    Graphic Design
    29 Apr 2024 Specialized Software
    Apache Zeppelin: File Access Exploitation via Relative Path Symbols

    In Apache Zeppelin versions from 0.9.0 before 0.11.0 a low severity vulnerability CVE-2024-31860 was detected. Due to the issue, attackers can gain access to files on the server by using symbols that show the file’s location to other files. It’s recommended to upgrade to version 0.11.0 to fix the vulnerability. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31860.

    Read more
    Graphic Design
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy