879 matches found
PYSEC-2017-109
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
PYSEC-2017-107
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality...
CVE-2016-8752
Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...
CVE-2017-3150
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...
CVE-2017-3153
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
CVE-2016-8752
Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...
PYSEC-2017-110
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...
amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2017-3150 via apache-atlas (>=0.0.11 <=0.0.15)
apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2017-3150 Source advisory: OSV:PYSEC-2017-106...
PYSEC-2017-105
Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...
PYSEC-2017-108
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...
CVE-2017-3152
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...
Cross site scripting
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...
Code injection
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...
amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2017-3151 via apache-atlas (>=0.0.11 <=0.0.15)
apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2017-3151 Source advisory: OSV:PYSEC-2017-107...
Cross site scripting
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality...
Design/Logic Flaw
Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...
amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2017-3152 via apache-atlas (>=0.0.11 <=0.0.15)
apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2017-3152 Source advisory: OSV:PYSEC-2017-108...
amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2017-3154 via apache-atlas (>=0.0.11 <=0.0.15)
apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2017-3154 Source advisory: OSV:PYSEC-2017-110...
amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2016-8752 via apache-atlas (>=0.0.11 <=0.0.15)
apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2016-8752 Source advisory: OSV:PYSEC-2017-105...
PYSEC-2017-106
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...