| CVE-2017-7676 |
critical |
9.8 |
9.8 |
9y ago |
Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character |
|
| CVE-2016-0733 |
critical |
9.8 |
9.8 |
10y ago |
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password |
|
| CVE-2016-0735 |
high |
8.8 |
8.8 |
10y ago |
Apache Ranger Access Restriction Bypass |
|
| CVE-2016-2174 |
high |
7.2 |
7.2 |
10y ago |
SQL injection vulnerability in the policy admin tool in Apache Ranger |
|
| CVE-2015-0266 |
high |
7.1 |
7.1 |
10y ago |
Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs |
|
| CVE-2016-6815 |
medium |
6.5 |
6.5 |
9y ago |
Moderate severity vulnerability that affects org.apache.ranger:ranger |
|
| CVE-2015-5167 |
medium |
6.5 |
6.5 |
10y ago |
Apache Ranger allows users to bypass intended access restrictions via the REST API |
|
| CVE-2015-0265 |
medium |
6.1 |
6.1 |
10y ago |
Apache Ranger Cross-site Scripting vulnerability |
|
| CVE-2017-7677 |
medium |
5.9 |
5.9 |
9y ago |
Moderate severity vulnerability that affects org.apache.ranger:ranger |
|
| CVE-2016-8751 |
medium |
4.8 |
4.8 |
9y ago |
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies |
|
| CVE-2016-5395 |
medium |
4.8 |
4.8 |
10y ago |
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML |
|
| CVE-2022-45048 |
unknown |
— |
— |
3y ago |
Apache Ranger code execution vulnerability in policy expressions |
|