org.apache.zeppelin:zeppelin-zengine@0.6.2 vulnerabilities
-
latest version
0.11.1
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
6 months ago
-
licenses detected
- [0.5.0-incubating,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.zeppelin:zeppelin-zengine package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of the package are vulnerable to Insecure Random Number Generation due to the cryptographically insecure How to fix Insecure Randomness? Upgrade |
[,0.8.0)
|
Affected versions of the package are vulnerable to information disclosure when system data or debugging information leaves the program through an output stream or logging function.
These lines may print information which can reveal some important data to user making it vulnerable to attacks, we should not log this sensitive information. How to fix Information Exposure? Upgrade |
[,0.7.3)
|