High severity8.8NVD Advisory· Published Oct 5, 2018· Updated Jun 17, 2026
CVE-2018-11778
CVE-2018-11778
Description
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.ranger:rangerMaven | < 1.2.0 | 1.2.0 |
Affected products
2- Apache Software Foundation/Apache Rangerv5Range: prior to 1.2.0
Patches
Vulnerability mechanics
References
8- cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+RangernvdVendor AdvisoryWEB
- github.com/advisories/GHSA-c99h-fgqm-6679ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-11778ghsaADVISORY
- seclists.org/oss-sec/2018/q4/11nvdMailing ListThird Party AdvisoryWEB
- lists.apache.org/thread.html/r04bc435a92911de4b52d2b98f169bd7cf2e8bbeb53b03788df8f932c@%3Cdev.ranger.apache.org%3EghsaWEB
- lists.apache.org/thread.html/rd88077a781ef38f7687c100f93992f4dda8aa101925050c4af470998@%3Cdev.ranger.apache.org%3EghsaWEB
- lists.apache.org/thread.html/r04bc435a92911de4b52d2b98f169bd7cf2e8bbeb53b03788df8f932c%40%3Cdev.ranger.apache.org%3Envd
- lists.apache.org/thread.html/rd88077a781ef38f7687c100f93992f4dda8aa101925050c4af470998%40%3Cdev.ranger.apache.org%3Envd
News mentions
0No linked articles in our index yet.