Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheRanger

4 matches found

CVE
CVEadded 2017/06/14 5:29 p.m.66 views

CVE-2016-8746

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.

5.9CVSS5.6AI score0.00538EPSS
CVE
CVEadded 2017/06/14 5:29 p.m.66 views

CVE-2017-7676

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character - like my test, test*.txt. This can result in unintended behavior.

9.8CVSS9.3AI score0.0089EPSS
CVE
CVEadded 2017/06/14 5:29 p.m.60 views

CVE-2016-8751

Apache Ranger before 0.6.3 is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies.

4.8CVSS5AI score0.00214EPSS
CVE
CVEadded 2017/06/14 5:29 p.m.58 views

CVE-2017-7677

In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.

5.9CVSS5.6AI score0.00325EPSS