CVE-2017-3151

Severity

6.1MEDIUM

EPSS

1.0%

top 22.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 29

Latest updateMay 13

Description

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶CVEListV5apache_software_foundation/apache_atlas0.6.0-incubating, 0.7.0-incubating+1

▶Mavenorg.apache.atlas:atlas-common0.6.0-incubating — 0.7.1-incubating

▶NVDapache/atlas0.6.0, 0.7.0+1

OSV

Cross-site Scripting in Apache Atlas↗2022-05-13

▶

GHSA

Cross-site Scripting in Apache Atlas↗2022-05-13

▶

CVEList

CVE-2017-3151: Apache Atlas versions 0↗2017-08-29

▶

OSV

CVE-2017-3151: Apache Atlas versions 0↗2017-08-29

▶

Bugzilla

CVE-2017-15399 chromium-browser: use after free in v8↗2017-11-07

▶

Bugzilla

CVE-2017-15398 chromium-browser: stack buffer overflow in quic↗2017-11-07

▶