Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2022-45855 | BDSA-2023-1767 | High | Jul 12, 2023 | SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remote more... |
2.7.1, 2.7.0
|
CVE-2022-42009 | BDSA-2023-1766 | High | Jul 12, 2023 | SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely more... |
2.7.1, 2.7.0
|
CVE-2020-1936 | BDSA-2021-0506 | Medium | Mar 02, 2021 | A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4. |
2.7.1, 2.7.0, 2.6.2, 2.6.1, 2.6.0, 2.5.2, 2.5.1, 2.4.3, 2.5.0, 2.4.2
|
BDSA-2021-0682 | Medium | Mar 17, 2021 | Apache Ambari contains a directory traversal vulnerability. This could allow a user to download files from directories they do not have permission to a more... |