CVE-2024-31863 | Apache Zeppelin 0.10.x Note authentication spoofing

Inserito da Angelo Barbosa | Apr 9, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Apache Zeppelin 0.10.x. Affected by this issue is some unknown functionality of the component Note Handler. The manipulation leads to authentication bypass by spoofing.

This vulnerability is handled as CVE-2024-31863. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31863 | Apache Zeppelin 0.10.x Note authentication spoofing

Post correlati

CVE-2024-28917 | Microsoft unknown vulnerability

CVE-2024-27412 | Linux Kernel up to 6.7.8 power kernel/irq/manage.c bq27xxx_battery_i2c_probe use after free

CVE-2023-51697 | advplyr audiobookshelf up to 2.6.x podcastUtils.js server-side request forgery

CVE-2023-50725 | resque Gem prior 2.2.1 on Ruby cross site scripting