Atlas Security Vulnerabilities and Issues — Atlas CVE List

Lucene search

ApacheAtlas

12 matches found

CVE•added 2020/12/07 8:15 p.m.•273 views

CVE-2020-17521

Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the e...

5.5CVSS5.4AI score0.00357EPSS

CVE•added 2019/11/18 9:15 p.m.•118 views

CVE-2019-10070

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality

6.1CVSS5.9AI score0.0144EPSS

CVE•added 2022/12/14 9:15 a.m.•82 views

CVE-2022-34271

A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0.

8.8CVSS8.6AI score0.00213EPSS

CVE•added 2020/09/16 6:15 p.m.•80 views

CVE-2020-13928

Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.

6.1CVSS6AI score0.01889EPSS

CVE•added 2017/08/29 8:29 p.m.•69 views

CVE-2017-3150

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script.

6.1CVSS6.1AI score0.01019EPSS

CVE•added 2017/08/29 8:29 p.m.•68 views

CVE-2017-3154

Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.

7.5CVSS6.7AI score0.00825EPSS

CVE•added 2017/08/29 8:29 p.m.•63 views

CVE-2017-3153

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality.

6.1CVSS6AI score0.0144EPSS

CVE•added 2017/08/29 8:29 p.m.•61 views

CVE-2017-3155

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.

6.1CVSS6AI score0.01943EPSS

CVE•added 2017/08/29 8:29 p.m.•59 views

CVE-2017-3152

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality.

6.1CVSS5.9AI score0.0144EPSS

CVE•added 2017/08/29 8:29 p.m.•58 views

CVE-2016-8752

Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.

7.5CVSS7.4AI score0.0102EPSS

CVE•added 2017/08/29 8:29 p.m.•58 views

CVE-2017-3151

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality.

6.1CVSS5.9AI score0.01019EPSS

CVE•added 2025/02/13 9:15 a.m.•44 views

CVE-2024-46910

An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.

7.1CVSS6.1AI score0.00048EPSS