CVE-2019-10095

Summary

bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache ZeppelinApache Zeppelin <= 0.9.0affected

Weaknesses

  • bash command injection

ADP Enrichment

CVE Program Container

Additional References

References