CVE-2016-8752

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-8752

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-8752.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-8752

Aliases

Published

2017-08-29T20:29:00Z

Modified

2024-09-03T01:29:02.927429Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.

References

https://lists.apache.org/thread.html/f7435d66b840daa2a38ad1329d639b70f5a9476e7580ae885d422e86%40%3Cdev.atlas.apache.org%3E

Affected packages

Git / github.com/apache/atlas

Affected ranges

Type: GIT
Repo: https://github.com/apache/atlas
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8f3eb0c29e99db7b59dbd85054333f796bc1edfa

Last affected

e48bd3558a81e0d4c104f315e623ed0f6200d169

Affected versions

release-0.*

release-0.7-rc2

release-0.7.1-rc0

release-0.7.1-rc2