141 matches found
Apache Atlas has a Code Injection Vulnerability
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data. Affected...
GHSA-35XX-9XRG-GWHF Apache Atlas has a Code Injection Vulnerability
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data. Affected...
Arbitrary Code Injection
Overview org.apache.atlas:atlas-repository is an Apache Atlas Repository Module Affected versions of this package are vulnerable to Arbitrary Code Injection in the DSL search endpoint. An attacker can execute arbitrary code by placing malicious Gremlin traversal logic within grammar-allowed...
CVE-2026-40563
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...
CVE-2026-40563
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...
EUVD-2026-26979
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...
CVE-2026-40563
CVE-2026-40563 concerns Apache Atlas where an exposed DSL search endpoint accepts user-supplied query strings, enabling a code injection that can alter Gremlin traversal logic and access unintended data. Affected versions range from 0.8 through 2.4.0. For Atlas deployments using non-default confi...
CVE-2026-40563 Apache Atlas: Script injection allows access to unintended data
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...
CVE-2026-40563 Apache Atlas: Script injection allows access to unintended data
Description: Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Atlas Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. Attacker can alter Gremlin traversal logic within grammar-allowed characters to access unintended data Affect...
PT-2026-36788
Name of the Vulnerable Software and Affected Versions Apache Atlas versions 0.8 through 2.4.0 Description An improper control of code generation issue exists in the DSL search endpoint, which accepts user-supplied query strings. An attacker can alter Gremlin traversal logic using grammar-allowed...
Apache Atlas 代码注入漏洞
Apache Atlas is a scalable and extensible core feature governance service developed by the Apache Foundation in the United States. Version 0.8 to 2.4.0 of Apache Atlas contains a code injection vulnerability. This vulnerability stems from the DSL search endpoint accepting query strings provided b...
EUVD-2017-0008
Malware in sbrugna...
EUVD-2020-0277
Malware in sbrugna...
EUVD-2017-0011
Malware in sbrugna...
EUVD-2017-0006
Malware in sbrugna...
EUVD-2017-0010
Malware in sbrugna...
EUVD-2017-0005
Malware in sbrugna...
EUVD-2017-0007
Malware in sbrugna...
EUVD-2017-0009
Malware in sbrugna...
EUVD-2022-1037
Malicious code in bioql PyPI...