Product:

Atlas

(Apache)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 10
Date Id Summary Products Score Patch Annotated
2017-08-29 CVE-2016-8752 Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img. Atlas 7.5
2017-08-29 CVE-2017-3150 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script. Atlas 6.1
2017-08-29 CVE-2017-3151 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality. Atlas 6.1
2017-08-29 CVE-2017-3152 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality. Atlas 6.1
2017-08-29 CVE-2017-3153 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality. Atlas 6.1
2017-08-29 CVE-2017-3154 Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information. Atlas 7.5
2017-08-29 CVE-2017-3155 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting. Atlas 6.1
2019-11-18 CVE-2019-10070 Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality Atlas 6.1
2020-12-07 CVE-2020-17521 Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and... Atlas, Groovy, Snapcenter, Agile_engineering_data_management, Agile_plm, Agile_plm_mcad_connector, Business_process_management_suite, Communications_brm_\-_elastic_charging_engine, Communications_diameter_signaling_router, Communications_evolved_communications_application_server, Communications_services_gatekeeper, Healthcare_data_repository, Hospitality_opera_5, Ilearning, Insurance_policy_administration, Jd_edwards_enterpriseone_orchestrator, Primavera_gateway, Primavera_unifier, Retail_bulk_data_integration, Retail_merchandising_system, Retail_store_inventory_management 5.5
2022-12-14 CVE-2022-34271 A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0. Atlas 8.8