ГлавнаяУязвимости → CVE-2024-45479
9.1критическая

CVE-2024-45479

Описание

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.

Затрагиваемое ПО
Apache Ranger
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Rangerhttp://www.openwall.com/lists/oss-security/2025/01/21/4