GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. Users are recommended to update to version 2.4.0.




**Apache Ranger code execution vulnerability in policy expressions**

High severity GitHub Reviewed Published Jul 6, 2023 to the GitHub Advisory Database • Updated Jul 6, 2023

Headline

GHSA-89gw-cffj-mqg9: Apache Ranger code execution vulnerability in policy expressions

Related news

ghsa: Latest News