oss-sec mailing list archives
CVE-2022-45048: Apache Ranger: code execution vulnerability in policy expressions
From: Madhan Neethiraj <madhan () apache org>
Date: Thu, 04 May 2023 20:59:50 +0000
Affected versions: - Apache Ranger 2.3.0 Description: Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Credit: g1831767442 () 163 com (finder) References: https://ranger.apache.org/ https://www.cve.org/CVERecord?id=CVE-2022-45048
Current thread:
- CVE-2022-45048: Apache Ranger: code execution vulnerability in policy expressions Madhan Neethiraj (May 04)