4 matches found
com.expediagroup.apiary:apiary-ranger-metastore-plugin (>=7.2.1 <=8.1.15), com.witboost.provisioning:scala-mesh-ranger_2.13 (=1.0.0) +64 more potentially affected by CVE-2025-59059 via org.apache.ranger:ranger-plugins-common (>=2.0.0 <=2.7.0)
org.apache.ranger:ranger-plugins-common MAVEN version =2.0.0, =7.2.1, =0.8.44-4, =466, =0.6.0-incubating, =0.8.0-incubating, =1.6.0-incubating, =1.6.0-incubating, =0.7.0, =0.7.0, =1.11.0, =1.11.0, =2.0.0, =1.3.0, =1.3.0, =2.0.0 and more Source cves: CVE-2025-59059 Source advisory:...
com.expediagroup.apiary:apiary-ranger-metastore-plugin (>=7.2.1 <=8.1.15), com.witboost.provisioning:scala-mesh-ranger_2.13 (=1.0.0) +67 more potentially affected by CVE-2025-59059 via org.apache.ranger:ranger-plugins-common (>=0.6.0 <=2.7.0)
org.apache.ranger:ranger-plugins-common MAVEN version =0.6.0, =7.2.1, =0.8.44-4, =0.18.0, =466, =0.6.0-incubating, =0.8.0-incubating, =1.6.0-incubating, =1.6.0-incubating, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =2.0.0, =1.3.0, =2.0.0 and more Source cves: CVE-2025-59059 Source advisory:...
org.apache.nifi:nifi-ranger-nar (>=1.1.0 <=1.3.0), org.apache.nifi:nifi-ranger-plugin (>=1.1.0 <=1.3.0) +23 more potentially affected by CVE-2016-8746 via org.apache.ranger:ranger-plugins-common (>=0.6.0 <=0.6.2)
org.apache.ranger:ranger-plugins-common MAVEN version =0.6.0, =1.1.0, =1.1.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.2 and more Source cves: CVE-2016-8746 Source advisory: OSV:GHSA-XV7X-X6WR-XX7G...
Unintended Behaviours
ranger-plugins-common is vulnerable to unintended behaviors. It is possible because the policy resource matcher does not properly handle the policies with characters after a wildcard character, leading to unintended behaviors...