CVE-2024-41169 Information
Jul 13, 2025
cve
Description
The attacker can use the raft server protocol in an unauthenticated way. The attacker can see the server’s resources including directories and files.
This issue affects Apache Zeppelin: from 0.10.1 up to 0.12.0.
Users are recommended to upgrade to version 0.12.0 which fixes the issue by removing the Cluster Interpreter.
Reference
https://github.com/apache/zeppelin/pull/4841 https://issues.apache.org/jira/browse/ZEPPELIN-6101 https://lists.apache.org/thread/moyym04993c8owh4h0qj98r43tbo8qdd
Related CNNVD
CNNVD-202507-1741 (Published: 2025-07-12)
Share on: