VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.ranger:ranger

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-7676 critical 9.8 9.8 9y ago Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character javaapache
CVE-2016-0733 critical 9.8 9.8 10y ago The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password javaapache
CVE-2016-0735 high 8.8 8.8 10y ago Apache Ranger Access Restriction Bypass javaapache
CVE-2016-2174 high 7.2 7.2 10y ago SQL injection vulnerability in the policy admin tool in Apache Ranger javaapache
CVE-2015-0266 high 7.1 7.1 10y ago Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs javaapache
CVE-2016-6815 medium 6.5 6.5 9y ago Moderate severity vulnerability that affects org.apache.ranger:ranger javaapache
CVE-2015-5167 medium 6.5 6.5 10y ago Apache Ranger allows users to bypass intended access restrictions via the REST API javaapache
CVE-2015-0265 medium 6.1 6.1 10y ago Apache Ranger Cross-site Scripting vulnerability javaapache
CVE-2017-7677 medium 5.9 5.9 9y ago Moderate severity vulnerability that affects org.apache.ranger:ranger javaapache
CVE-2016-8751 medium 4.8 4.8 9y ago Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies javaapache
CVE-2016-5395 medium 4.8 4.8 10y ago Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML javaapache
CVE-2024-45479 unknown 1y ago Apache Ranger UI vulnerable to Server Side Request Forgery java
CVE-2024-45478 unknown 1y ago Apache Ranger has Stored Cross-site Scripting vulnerability in Edit Service Page java
CVE-2022-45048 unknown 3y ago Apache Ranger code execution vulnerability in policy expressions java
CVE-2019-12397 unknown 7y ago Cross-site scripting in Apache Ranger java
CVE-2018-11778 unknown 8y ago UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow java