Maven package
org.apache.ranger/ranger-plugins-common
pkg:maven/org.apache.ranger/ranger-plugins-common
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59059 | — | < 2.8.0 | 2.8.0 | Mar 3, 2026 | Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue. | ||
| CVE-2016-8746 | Med | 5.9 | < 0.6.3 | 0.6.3 | Jun 14, 2017 | Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true. |
- CVE-2025-59059Mar 3, 2026affected < 2.8.0fixed 2.8.0
Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue.
- affected < 0.6.3fixed 0.6.3
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.