CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45478 – Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input
https://notcve.org/view.php?id=CVE-2024-45478
21 Jan 2025 — Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue. Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue. • https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51941 – Apache Ambari: Remote Code Injection in Ambari Metrics and AMS Alerts
https://notcve.org/view.php?id=CVE-2024-51941
21 Jan 2025 — A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature, allowing authenticated users to inject and execute arbitrary code. The vulnerability occurs when processing alert definitions, where malicious input can be injected into the alert script execution path. An attacker with authenticated access can exploit this vulnerability to execute arbitrary commands on the server. The issue has been fixed in the latest versions of Ambari. • https://lists.apache.org/thread/xq50nlff7o7z1kq3y637clzzl6mjhl8j • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23196 – Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition
https://notcve.org/view.php?id=CVE-2025-23196
21 Jan 2025 — A code injection vulnerability exists in the Ambari Alert Definition feature, allowing authenticated users to inject and execute arbitrary shell commands. The vulnerability arises when defining alert scripts, where the script filename field is executed using `sh -c`. An attacker with authenticated access can exploit this vulnerability to inject malicious commands, leading to remote code execution on the server. The issue has been fixed in the latest versions of Ambari. • https://lists.apache.org/thread/70g1l5lxvko7kvhyxmtmklhhfrlon837 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23195 – Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie
https://notcve.org/view.php?id=CVE-2025-23195
21 Jan 2025 — An XML External Entity (XXE) vulnerability exists in the Ambari/Oozie project, allowing an attacker to inject malicious XML entities. This vulnerability occurs due to insecure parsing of XML input using the `DocumentBuilderFactory` class without disabling external entity resolution. An attacker can exploit this vulnerability to read arbitrary files on the server or perform server-side request forgery (SSRF) attacks. The issue has been fixed in both Ambari 2.7.9 and the trunk branch. • https://lists.apache.org/thread/hsb6mvxd7g37dq1ygtd0pd88gs9tfcwq • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23184 – Apache CXF: Denial of Service vulnerability with temporary files
https://notcve.org/view.php?id=CVE-2025-23184
21 Jan 2025 — A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and clients). A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill ... • https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45627 – Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability
https://notcve.org/view.php?id=CVE-2024-45627
14 Jan 2025 — In Apache Linkis <1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis < 1.7.0 will be affected. We recommend users upgrade the version of... • https://lists.apache.org/thread/0zzx8lldwoqgzq98mg61hojgpvn76xsh • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 4.3EPSS: 11%CPEs: 1EXPL: 1CVE-2025-22828 – Apache CloudStack: Unauthorised access to annotations
https://notcve.org/view.php?id=CVE-2025-22828
13 Jan 2025 — CloudStack users can add and read comments (annotations) on resources they are authorised to access. Due to an access validation issue that affects Apache CloudStack versions from 4.16.0, users who have access, prior access or knowledge of resource UUIDs can list and add comments (annotations) to such resources. An attacker with a user-account and access or prior knowledge of resource UUIDs may exploit this issue to read contents of the comments (annotations) or add malicious comments (annotations) to such ... • https://github.com/Stolichnayer/CVE-2025-22828 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45033 – Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli
https://notcve.org/view.php?id=CVE-2024-45033
08 Jan 2025 — Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is d... • https://github.com/apache/airflow/pull/45139 • CWE-613: Insufficient Session Expiration •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2024-54676 – Apache OpenMeetings: Deserialisation of untrusted data in cluster mode
https://notcve.org/view.php?id=CVE-2024-54676
08 Jan 2025 — Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0 Description: Default clustering instructions at https://openmeetings.apache.org/Clustering.html doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted data. Users are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as s... • https://lists.apache.org/thread/o0k05jxrt5tp4nm45lj14yfjxmg67m95 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 22%CPEs: 1EXPL: 1CVE-2024-56512 – Apache NiFi: Missing Complete Authorization for Parameter and Service References
https://notcve.org/view.php?id=CVE-2024-56512
28 Dec 2024 — Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process Groups. Creating a new Process Group can include binding to a Parameter Context, but in cases where the Process Group did not reference any Parameter values, the framework did not check user authorization for the bound Parameter Context. Missing authorization for a bound Parameter Context enabled clients to down... • https://github.com/absholi7ly/CVE-2024-56512-Apache-NiFi-Exploit • CWE-638: Not Using Complete Mediation •