Описание
Apache Ranger UI vulnerable to Server Side Request Forgery
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.
Пакеты
Наименование
org.apache.ranger:ranger
maven
Затронутые версииВерсия исправления
< 2.5.0
2.5.0
Связанные уязвимости
CVSS3: 9.1
nvd
около 1 года назад
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.