Improper Input Validation vulnerability in Apache Zeppelin.
The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1.
Users are recommended to upgrade to version 0.11.1, which fixes the issue.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/31xxx/CVE-2024-31867.json",
"cna_assigner": "apache",
"cwe_ids": [
"CWE-20"
]
}