CVE-2022-45048: Apache Ranger: code execution vulnerability in policy expressions

Madhan Neethiraj Fri, 05 May 2023 04:10:03 -0700

Affected versions:

- Apache Ranger 2.3.0


Description:

Authenticated users with appropriate privileges can create policies having 
expressions that can exploit code execution vulnerability. This issue affects 
Apache Ranger: 2.3.0.

Credit:

g1831767...@163.com (finder)

References:

https://ranger.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-45048

CVE-2022-45048: Apache Ranger: code execution vulnerability in policy expressions

Reply via email to