Medium severity6.1NVD Advisory· Published Aug 29, 2017· Updated May 13, 2026
CVE-2017-3155
CVE-2017-3155
Description
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.atlas:atlas-commonMaven | >= 0.6.0-incubating, < 0.7.1-incubating | 0.7.1-incubating |
Affected products
7- Apache Software Foundation/Apache Atlasv5Range: 0.6.0-incubating
cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apache:atlas:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:apache:atlas:0.6.0:rc1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/advisories/GHSA-q586-7p8w-9pg8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-3155ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/apache-atlas/PYSEC-2017-111.yamlghsaWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea%40%3Cdev.atlas.apache.org%3EnvdWEB
- lists.apache.org/thread.html/4a4fef91e067fd0d9da569e30867c1fa65e2a0520acde71ddefee0ea@%3Cdev.atlas.apache.org%3EghsaWEB
- web.archive.org/web/20200227151159/http://www.securityfocus.com/bid/100587ghsaWEB
- www.securityfocus.com/bid/100587nvd
News mentions
0No linked articles in our index yet.