CVE-2018-1317

In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.

Date published : 2019-04-23

http://www.securityfocus.com/bid/108047

https://zeppelin.apache.org/releases/zeppelin-release-0.8.0.html