Description

The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Remediation

References

https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2

Related Vulnerabilities

CVE-2023-37462 Vulnerability in maven package org.xwiki.platform:xwiki-platform-skin-ui

CVE-2023-34442 Vulnerability in maven package org.apache.camel:camel-jira

CVE-2019-16542 Vulnerability in maven package org.jenkins-ci.plugins:anchore-container-scanner

CVE-2023-25767 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials

CVE-2022-45394 Vulnerability in maven package org.jenkins-ci.plugins:delete-log-plugin

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Tags

Mailing List Vendor Advisory NVD-CWE-noinfo