Description

The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Remediation

References

https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2

Related Vulnerabilities

CVE-2023-29198 Vulnerability in npm package electron

CVE-2023-34464 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates

CVE-2019-10459 Vulnerability in maven package org.jenkins-ci.plugins:mattermost

CVE-2022-41935 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livetable-ui

CVE-2019-16571 Vulnerability in maven package org.jenkins-ci.plugins:rapiddeploy-jenkins

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Tags

Mailing List Vendor Advisory NVD-CWE-noinfo