Vulnerabilities > Apache > Ranger > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-14 | CVE-2017-7676 | Improper Input Validation vulnerability in Apache Ranger Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. | 9.8 |
| 2016-04-12 | CVE-2016-0733 | Improper Authentication vulnerability in Apache Ranger 0.4.0/0.4.1/0.5.0 The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid username. | 9.8 |