{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-28655", "ASSIGNER": "security@apache.org", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "The improper Input Validation vulnerability in \"\u201dMove folder to Trash\u201d feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation", "cweId": "CWE-20" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Apache Software Foundation", "product": { "product_data": [ { "product_name": "Apache Zeppelin", "version": { "version_data": [ { "version_value": "0", "version_affected": "=" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2", "refsource": "MISC", "name": "https://lists.apache.org/thread/bxs056g3xlsofz0jb3wny9dw4llwptd2" } ] }, "generator": { "engine": "Vulnogram 0.1.0-dev" }, "source": { "discovery": "UNKNOWN" }, "credits": [ { "lang": "en", "value": "Kai Zhao" } ] }