CVE-2016-0735

Apache Ranger 0.5.x before 0.5.2 is affected by a vulnerability where remote authenticated users can bypass parent resource-level access restrictions by mishandling a resource-level exclude policy. Affected versions include 0.5.0 and 0.5.1; the issue enables unintended access control bypass at th...