Description
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.
Remediation
References
http://www.securityfocus.com/bid/95998
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
Related Vulnerabilities
CVE-2019-10277 Vulnerability in maven package hudson.plugins:starteam
CVE-2019-6286 Vulnerability in npm package node-sass
CVE-2023-2138 Vulnerability in npm package @nuxtlabs/github-module
CVE-2021-21623 Vulnerability in maven package org.jenkins-ci.plugins:matrix-auth
CVE-2022-45921 Vulnerability in maven package io.fusionauth:fusionauth-java-client