CVE-2021-28655 Vulnerability in maven package org.apache.zeppelin:zeppelin

Description

The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Remediation

References

https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2

Related Vulnerabilities

CVE-2019-1003056 Vulnerability in maven package org.jenkins-ci.plugins:websphere-deployer

CVE-2021-21689 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2023-50779 Vulnerability in maven package com.cloudtp.jenkins:paaslane-estimate

CVE-2020-1940 Vulnerability in maven package org.apache.jackrabbit:oak-core

CVE-2022-36898 Vulnerability in maven package com.compuware.jenkins:compuware-ispw-operations

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L