Apache Ranger UI vulnerable to Server Side Request Forgery
Critical severity
GitHub Reviewed
Published
Jan 22, 2025
to the GitHub Advisory Database
•
Updated Jan 27, 2025
Description
Published by the National Vulnerability Database
Jan 21, 2025
Published to the GitHub Advisory Database
Jan 22, 2025
Reviewed
Jan 27, 2025
Last updated
Jan 27, 2025
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0.
Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.
References