Lucene search
K

5 matches found

CVE
CVE
added 2026/03/03 10:44 a.m.370 views

CVE-2025-59059

Apache Ranger CVE-2025-59059 is a remote code execution issue affecting Ranger versions

9.8CVSS6AI score0.01244EPSS
CVE
CVE
added 2025/03/03 4:4 p.m.155 views

CVE-2024-55532

CVE-2024-55532 affects Apache Ranger prior to 2.6.0, in the Export CSV feature. The root cause is Improper Neutralization of Formula Elements, which can enable CSV injection when exporting data. Multiple connected sources (Red Hat, SNYK, OSV, GHSA, and CVE listings) corroborate that the remediati...

9.8CVSS6.5AI score0.00723EPSS
CVE
CVE
added 2017/06/14 5:0 p.m.72 views

CVE-2016-8751

CVE-2016-8751 affects Apache Ranger prior to 0.6.3. The vulnerability is a Stored Cross-Site Scripting in custom policy conditions, enabling admin users to store JavaScript executed when normal users log in and access policies. Exploitation details, affected versions beyond 0.6.3, and remediation...

4.8CVSS5AI score0.02133EPSS
CVE
CVE
added 2018/10/05 7:0 p.m.71 views

CVE-2018-11778

CVE-2018-11778 affects UnixAuthenticationService in Apache Ranger. Multiple connected sources confirm that UnixAuthenticationService handles user input and previously vulnerable versions could be susceptible to a stack-based buffer overflow, potentially allowing crash or arbitrary code execution....

8.8CVSS8.7AI score0.04011EPSS
CVE
CVE
added 2026/03/03 10:46 a.m.14 views

CVE-2025-59060

Summary: CVE-2025-59060 describes a hostname verification bypass in Apache Ranger’s NiFiRegistryClient/NiFiClient. The issue is reported for Apache Ranger versions ≤ 2.7.0 and is fixed by upgrading to version 2.8.0. Affected components: NiFiRegistryClient and NiFiClient within Apache Ranger. Root...

5.3CVSS5.9AI score0.00329EPSS