In Apache Zeppelin versions from 0.10.1 before 0.11.1 a medium severity vulnerability CVE-2024-31861 was detected. It allows attackers to inject malicious code through the Shell interpreter, potentially leading to the unauthorized execution of commands. Users are recommended to upgrade to version 0.11.1, which doesn’t have Shell interpreter by default. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31861.
Read more Graphic DesignIn Apache Zeppelin versions from 0.9.0 before 0.11.0 a low severity vulnerability CVE-2024-31860 was detected. Due to the issue, attackers can gain access to files on the server by using symbols that show the file’s location to other files. It’s recommended to upgrade to version 0.11.0 to fix the vulnerability. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-31860.
Read more Graphic Design