Medium severity6.1NVD Advisory· Published Aug 29, 2017· Updated May 13, 2026
CVE-2017-3150
CVE-2017-3150
Description
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.atlas:atlas-commonMaven | >= 0.6.0-incubating, < 0.7.1-incubating | 0.7.1-incubating |
Affected products
7cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc2:*:*:*:*:*:*
- Apache Software Foundation/Apache Atlasv5Range: 0.6.0-incubating
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.securityfocus.com/bid/100536nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-wvmq-w7m8-g9xmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-3150ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/apache-atlas/PYSEC-2017-106.yamlghsaWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3EnvdWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3EghsaWEB
- web.archive.org/web/20200227152436/http://www.securityfocus.com/bid/100536ghsaWEB
News mentions
0No linked articles in our index yet.