CVE-2022-47894

Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 before 0.11.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. For more information, the fix already was merged in the source code but Zeppelin decided to retire the SAP component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS

No CVSS.

References

Link	Resource
http://www.openwall.com/lists/oss-security/2024/04/09/4	Mailing List
http://www.openwall.com/lists/oss-security/2024/04/09/4	Mailing List
https://github.com/apache/zeppelin/pull/4302	Issue Tracking
https://github.com/apache/zeppelin/pull/4302	Issue Tracking
https://lists.apache.org/thread/csf4k73kkn3nx58pm0p2qrylbox4fvyy	Mailing List Vendor Advisory
https://lists.apache.org/thread/csf4k73kkn3nx58pm0p2qrylbox4fvyy	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:zeppelin:*:*:*:*:*:*:*:*

History

05 May 2025, 20:48

Type	Values Removed	Values Added
CPE		cpe:2.3:a:apache:zeppelin::::::::
CWE		NVD-CWE-noinfo
First Time		Apache Apache zeppelin
References	~~() https://lists.apache.org/thread/csf4k73kkn3nx58pm0p2qrylbox4fvyy -~~	() https://lists.apache.org/thread/csf4k73kkn3nx58pm0p2qrylbox4fvyy - Mailing List, Vendor Advisory
References	~~() http://www.openwall.com/lists/oss-security/2024/04/09/4 -~~	() http://www.openwall.com/lists/oss-security/2024/04/09/4 - Mailing List
References	~~() https://github.com/apache/zeppelin/pull/4302 -~~	() https://github.com/apache/zeppelin/pull/4302 - Issue Tracking

13 Feb 2025, 17:15

Type	Values Removed	Values Added
Summary	Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 before 0.11.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. For more information, the fix already was merged in the source code but Zeppelin decided to retire the SAP component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 before 0.11.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. For more information, the fix already was merged in the source code but Zeppelin decided to retire the SAP component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CWE	~~CWE-20~~

01 May 2024, 17:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2024/04/09/4 -

09 Apr 2024, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-09 10:15

Updated : 2025-05-05 20:48

NVD link : CVE-2022-47894

Mitre link : CVE-2022-47894

JSON object : View

Products Affected

apache

zeppelin

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2022-47894

Attach tags to `CVE-2022-47894`