CVE-2024-31863

{"id": "CVE-2024-31863", "metrics": {}, "published": "2024-04-09T11:15:31.713", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/04/09/6", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/3od2gfpwllmtc9c5ggw04ohn8s7w3ct9", "source": "security@apache.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-290"}]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass by Spoofing vulnerability by replacing to exsiting notes in Apache Zeppelin.This issue affects Apache Zeppelin: from 0.10.1 before 0.11.0.\n\nUsers are recommended to upgrade to version 0.11.0, which fixes the issue.\n\n"}], "lastModified": "2024-05-01T18:15:23.507", "sourceIdentifier": "security@apache.org"}