Skip to main content

Ranger

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-59060 Maven MEDIUM PATCH This Month

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue. [CVSS 5.3 MEDIUM]

Apache Ranger
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-59059 Maven CRITICAL PATCH Act Now

RCE in Apache Ranger <= 2.7.0 via NashornScriptEngineCreator. EPSS 0.42%.

RCE Apache Ranger
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-55532 Maven CRITICAL PATCH Act Now

Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Ranger
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-45479 Maven CRITICAL PATCH This Week

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache SSRF Ranger
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2024-45478 Maven MEDIUM PATCH Monitor

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Apache Ranger
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2025-59060 Maven
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue. [CVSS 5.3 MEDIUM]

Apache Ranger
NVD
CVE-2025-59059 Maven
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

RCE in Apache Ranger <= 2.7.0 via NashornScriptEngineCreator. EPSS 0.42%.

RCE Apache Ranger
NVD
CVE-2024-55532 Maven
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Ranger
NVD
CVE-2024-45479 Maven
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache SSRF Ranger
NVD
CVE-2024-45478 Maven
EPSS 1% CVSS 4.8
MEDIUM PATCH Monitor

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Apache Ranger
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy