Apache Zeppelin: Shell Interpreter Vulnerability in Version 0.11.0 - Proactive Insights and Support For Open-Source Applications

In Apache Zeppelin versions from 0.10.1 before 0.11.1 a medium severity vulnerability CVE-2024-31861 was detected. It allows attackers to inject malicious code through the Shell interpreter, potentially leading to the unauthorized execution of commands. Users are recommended to upgrade to version 0.11.1, which doesn’t have Shell interpreter by default. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31861.