VYPR

Maven package

org.apache.ambari.contrib.views/wfmanager

pkg:maven/org.apache.ambari.contrib.views/wfmanager

Vulnerabilities (1)

  • CVE-2023-50380Feb 27, 2024
    affected >= 2.7.0, < 2.7.8fixed 2.7.8

    XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-pri