Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 12:40 p.m.20 views

CVE-2023-50380

XML External Entity injection in apache ambari versions = 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The...

6.5CVSS7.5AI score0.00865EPSS
Exploits0References4
Circl
Circl
added 2024/02/27 6:31 p.m.13 views

CVE-2023-50380

creationtimestamp| type| source ---|---|--- 2024-02-27 18:31:29+00:00| seen| https://t.me/ctinow/194707 2024-02-27 18:36:50+00:00| seen| https://t.me/ctinow/194722...

6.5CVSS6.3AI score0.00865EPSS
Exploits0References2
NVD
NVD
added 2024/02/27 5:15 p.m.39 views

CVE-2023-50380

XML External Entity injection in apache ambari versions = 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The...

6.5CVSS7.3AI score0.00865EPSS
Exploits0References2
CVE
CVE
added 2024/02/27 4:51 p.m.7690 views

CVE-2023-50380

CVE-2023-50380 describes an XML External Entity (XXE) injection in Apache Ambari (affecting versions ≤ 2.7.7) due to improper input validation in the Oozie Workflow Scheduler. The issue could allow reading arbitrary server files (root-level) and may enable privilege escalation from low-privilege ...

6.5CVSS7.2AI score0.00865EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder