org.apache.atlas:atlas-authorization (=0.7-incubating), org.apache.atlas:atlas-client (=0.7-incubating) +9 more potentially affected by CVE-2017-3151 via org.apache.atlas:atlas-common (=0.7-incubating)

org.apache.atlas:atlas-common MAVEN version =0.7-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.atlas:atlas-common and may be impacted: - org.apache.atlas:atlas-authorization =0.7-incubating - org.apache.atlas:atlas-client...

amundsen-metadata (>=3.5.0 <=3.13.0), amundsen-metadata-neo4j4 (>=3.9.0 <=3.9.0.post1) +1 more potentially affected by CVE-2017-3151 via apache-atlas (>=0.0.11 <=0.0.15)

apache-atlas PYPI version =0.0.11, =3.5.0, =3.9.0, =0.1.7, =0.1.9 Source cves: CVE-2017-3151 Source advisory: OSV:PYSEC-2017-107...

CVE-2017-3151

Apache Atlas CVE-2017-3151 affects versions 0.6.0-incubating and 0.7.0-incubating, with a Stored Cross-Site Scripting flaw in the edit-tag functionality. Root cause details are not elaborated beyond the XSS issue; no exploit specifics are provided in the connected documents. The impact is implied...