pkg:maven/org.apache.ranger/ranger
Type
maven
Namespace
org.apache.ranger
Name
ranger
Known advisories, vulnerabilities and fixes for org.apache.ranger/ranger package.
Critical
2
High
4
Moderate
5
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 0.5.0, < 0.5.2 |
CVE-2016-0735
|
MAVEN:GHSA-22V7-W6C5-V4RR | Apache Ranger Access Restriction Bypass | high |
2022-05-17T03:56:54
(2 years ago) |
|
Fixed | = 0.5.2 |
CVE-2016-0735
|
MAVEN:GHSA-22V7-W6C5-V4RR | Apache Ranger Access Restriction Bypass | high |
2022-05-17T03:56:54
(2 years ago) |
|
Affected | < 0.5.3 |
CVE-2016-2174
|
MAVEN:GHSA-4RJF-MXFM-98H5 | SQL injection vulnerability in the policy admin tool in Apache Ranger | high |
2018-10-17T17:21:29
(6 years ago) |
|
Fixed | = 0.5.3 |
CVE-2016-2174
|
MAVEN:GHSA-4RJF-MXFM-98H5 | SQL injection vulnerability in the policy admin tool in Apache Ranger | high |
2018-10-17T17:21:29
(6 years ago) |
|
Affected | < 0.7.1 |
CVE-2017-7676
|
MAVEN:GHSA-758M-6G3Q-G3HH | Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character | critical |
2018-10-17T17:22:38
(6 years ago) |
|
Fixed | = 0.7.1 |
CVE-2017-7676
|
MAVEN:GHSA-758M-6G3Q-G3HH | Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character | critical |
2018-10-17T17:22:38
(6 years ago) |
|
Affected | = 2.3.0 |
CVE-2022-45048
|
MAVEN:GHSA-89GW-CFFJ-MQG9 | Apache Ranger code execution vulnerability in policy expressions | high |
2023-07-06T21:14:54
(14 months ago) |
|
Fixed | = 2.4.0 |
CVE-2022-45048
|
MAVEN:GHSA-89GW-CFFJ-MQG9 | Apache Ranger code execution vulnerability in policy expressions | high |
2023-07-06T21:14:54
(14 months ago) |
|
Affected | < 1.2.0 |
CVE-2018-11778
|
MAVEN:GHSA-C99H-FGQM-6679 | UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow | high |
2018-10-17T17:22:23
(6 years ago) |
|
Fixed | = 1.2.0 |
CVE-2018-11778
|
MAVEN:GHSA-C99H-FGQM-6679 | UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow | high |
2018-10-17T17:22:23
(6 years ago) |
|
Affected | < 0.7.1 |
CVE-2017-7677
|
MAVEN:GHSA-FFJH-FJGG-MFPQ | Moderate severity vulnerability that affects org.apache.ranger:ranger | moderate |
2018-10-17T17:22:49
(6 years ago) |
|
Fixed | = 0.7.1 |
CVE-2017-7677
|
MAVEN:GHSA-FFJH-FJGG-MFPQ | Moderate severity vulnerability that affects org.apache.ranger:ranger | moderate |
2018-10-17T17:22:49
(6 years ago) |
|
Affected | >= 0.7.0, <= 1.2.0 |
CVE-2019-12397
|
MAVEN:GHSA-FPQP-V323-44XV | Cross-site scripting in Apache Ranger | moderate |
2019-08-16T14:01:35
(5 years ago) |
|
Fixed | = 2.0.0 |
CVE-2019-12397
|
MAVEN:GHSA-FPQP-V323-44XV | Cross-site scripting in Apache Ranger | moderate |
2019-08-16T14:01:35
(5 years ago) |
|
Affected | < 0.5.1 |
CVE-2016-0733
|
MAVEN:GHSA-J84C-J8QM-G47R | The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password | critical |
2018-10-17T17:21:11
(6 years ago) |
|
Fixed | = 0.5.1 |
CVE-2016-0733
|
MAVEN:GHSA-J84C-J8QM-G47R | The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password | critical |
2018-10-17T17:21:11
(6 years ago) |
|
Affected | < 0.6.1 |
CVE-2016-5395
|
MAVEN:GHSA-RF7Q-XQM3-6923 | Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML | moderate |
2018-10-17T17:21:37
(6 years ago) |
|
Fixed | = 0.6.1 |
CVE-2016-5395
|
MAVEN:GHSA-RF7Q-XQM3-6923 | Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML | moderate |
2018-10-17T17:21:37
(6 years ago) |
|
Affected | < 0.6.3 |
CVE-2016-8751
|
MAVEN:GHSA-V7MF-QGXF-QMVF | Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies | moderate |
2018-10-17T17:21:54
(6 years ago) |
|
Fixed | = 0.6.3 |
CVE-2016-8751
|
MAVEN:GHSA-V7MF-QGXF-QMVF | Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies | moderate |
2018-10-17T17:21:54
(6 years ago) |
|
Affected | < 0.6.2 |
CVE-2016-6815
|
MAVEN:GHSA-VHXC-8JJQ-859J | Moderate severity vulnerability that affects org.apache.ranger:ranger | moderate |
2018-10-17T17:21:44
(6 years ago) |
|
Fixed | = 0.6.2 |
CVE-2016-6815
|
MAVEN:GHSA-VHXC-8JJQ-859J | Moderate severity vulnerability that affects org.apache.ranger:ranger | moderate |
2018-10-17T17:21:44
(6 years ago) |