Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.
Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Tue, 10 Jun 2025 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-20 |
Wed, 28 May 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache ranger |
|
Weaknesses | CWE-918 | |
CPEs | cpe:2.3:a:apache:ranger:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apache
Apache ranger |
Mon, 27 Jan 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Tue, 21 Jan 2025 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 21 Jan 2025 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue. | |
Title | Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost | |
Weaknesses | CWE-20 | |
References |
|

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-06-10T09:06:33.435Z
Reserved: 2024-08-29T14:51:06.723Z
Link: CVE-2024-45479

Updated: 2025-01-21T22:02:49.988Z

Status : Modified
Published: 2025-01-21T22:15:12.290
Modified: 2025-06-10T09:15:23.043
Link: CVE-2024-45479

No data.

No data.