Vulnerabilities > Apache > Ranger > 0.7.1

DATE CVE VULNERABILITY TITLE RISK
2019-08-08 CVE-2019-12397 Cross-site Scripting vulnerability in Apache Ranger
Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue.
network
low complexity
apache CWE-79
6.1
6.1
2018-10-05 CVE-2018-11778 Out-of-bounds Write vulnerability in Apache Ranger
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow.
network
low complexity
apache CWE-787
8.8
8.8