Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41743

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00538EPSS
Exploits0References4
Veracode
Veracode
added 2025/07/28 4:40 a.m.4 views

Server-Side Request Forgery (SSRF)

Apache Ranger is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper input validation due to the Edit Service Page in the UI allowing crafted requests that can trigger unintended internal or external network calls...

9.1CVSS6.2AI score0.00617EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/01/22 12:33 a.m.9 views

GHSA-G9GF-G5JQ-9H3V Apache Ranger UI vulnerable to Server Side Request Forgery

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

9.1CVSS9.3AI score0.00617EPSS
Exploits0References4
OSV
OSV
added 2025/01/22 12:33 a.m.3 views

GHSA-VRX2-MGR9-V67H Apache Ranger has Stored Cross-site Scripting vulnerability in Edit Service Page

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

4.8CVSS5.9AI score0.00538EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/21 9:26 p.m.33 views

CVE-2024-45479 Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

0.00617EPSS
Exploits0References1
CVE
CVE
added 2025/01/21 9:26 p.m.75 views

CVE-2024-45479

Apache Ranger UI (v2.4.0) contains an SSRF vulnerability in the Edit Service Page. The root cause is improper input validation that allows crafted requests to trigger unintended internal or external network calls. This vulnerability is classified with high impact (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S...

9.1CVSS6.5AI score0.00617EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/21 9:26 p.m.11 views

CVE-2024-45479 Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

9.3AI score0.00617EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/21 9:25 p.m.34 views

CVE-2024-45478 Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

0.00538EPSS
Exploits0References1
CVE
CVE
added 2025/01/21 9:25 p.m.61 views

CVE-2024-45478

CVE-2024-45478 describes a stored cross-site scripting (XSS) vulnerability in the Edit Service Page of Apache Ranger UI, specifically affecting Apache Ranger UI version 2.4.0. The underlying issue is lack of proper input filtering/escaping on user-supplied data. The recommended remediation is to ...

4.8CVSS5.7AI score0.00538EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/21 9:25 p.m.17 views

CVE-2024-45478 Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue...

5.9AI score0.00538EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

Apache Ranger 输入验证错误漏洞

Apache Ranger is a set of architectures from the U.S.-based Apache Foundation for implementing comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing and data...

4.8CVSS6.2AI score0.00538EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

Apache Ranger 输入验证错误漏洞

Apache Ranger is a set of architectures from the Apache USA Foundation that implement comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing, and data protection. An...

9.1CVSS6.6AI score0.00617EPSS
Exploits0References3
Rows per page
Query Builder