VYPR

Maven package

org.apache.atlas/atlas-common

pkg:maven/org.apache.atlas/atlas-common

Vulnerabilities (7)

  • CVE-2017-3155MedAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.

  • CVE-2017-3154HigAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.

  • CVE-2017-3153MedAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality.

  • CVE-2017-3152MedAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality.

  • CVE-2017-3151MedAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality.

  • CVE-2017-3150MedAug 29, 2017
    affected >= 0.6.0-incubating, < 0.7.1-incubatingfixed 0.7.1-incubating

    Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script.

  • CVE-2016-8752HigAug 29, 2017
    affected >= 0.6.0-incubating, < 0.8-incubatingfixed 0.8-incubating

    Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.