CVE-2021-28655: Improper Input Validation

December 16, 2022 (updated November 9, 2023)

The improper Input Validation vulnerability in “”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.

References

lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2
nvd.nist.gov/vuln/detail/CVE-2021-28655

Detect and mitigate CVE-2021-28655 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →