GHSA-QRP9-23P7-G5MF Apache Ambari XML External Entity injection

🗓️ 27 Feb 2024 18:02:31Reported by GoogleType

osv🔗 osv.dev👁 12 Views

Apache Ambari XML External Entity injection, upgrade to v2.7.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
NVD	CVE-2023-50380	27 Feb 202417:15	–	nvd
Prion	Xxe	27 Feb 202417:15	–	prion
CVE	CVE-2023-50380	27 Feb 202417:15	–	cve
Veracode	XML External Entity	29 Feb 202405:34	–	veracode
RedhatCVE	CVE-2023-50380	14 Feb 202512:40	–	redhatcve
Github Security Blog	Apache Ambari XML External Entity injection	27 Feb 202418:31	–	github
OSV	CVE-2023-50380	27 Feb 202417:15	–	osv
Vulnrichment	CVE-2023-50380 Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server	27 Feb 202416:51	–	vulnrichment
Cvelist	CVE-2023-50380 Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server	27 Feb 202416:51	–	cvelist

Osv

Node

apache ambariRange2.7.0–2.7.8

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-50380
github	www.github.com/apache/ambari/commit/d9652e4611ea36208d5f748028b3a9cd980e6edb
github	www.github.com/apache/ambari
lists	www.lists.apache.org/thread/qrt7mq7v7zyrh1qsh1gkg1m7clysvy32
openwall	www.openwall.com/lists/oss-security/2024/02/27/6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Feb 2024 18:31Current

7.2High risk

Vulners AI Score7.2

CVSS36.5

EPSS0.00059

SSVC