Medium severity6.1NVD Advisory· Published Aug 29, 2017· Updated May 13, 2026
CVE-2017-3152
CVE-2017-3152
Description
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.atlas:atlas-commonMaven | >= 0.6.0-incubating, < 0.7.1-incubating | 0.7.1-incubating |
Affected products
7cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc2:*:*:*:*:*:*
- Apache Software Foundation/Apache Atlasv5Range: 0.6.0-incubating
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/advisories/GHSA-9xwq-72vp-5j3cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-3152ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/apache-atlas/PYSEC-2017-108.yamlghsaWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3EnvdWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3EghsaWEB
- web.archive.org/web/20200227151159/http://www.securityfocus.com/bid/100547ghsaWEB
- www.securityfocus.com/bid/100577nvd
News mentions
0No linked articles in our index yet.