Описание
Apache Ranger code execution vulnerability in policy expressions
Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0.
Пакеты
Наименование
org.apache.ranger:ranger
maven
Затронутые версииВерсия исправления
= 2.3.0
2.4.0
Связанные уязвимости
CVSS3: 8.4
nvd
почти 3 года назад
Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0.