Description
Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.
Remediation
References
http://www.securityfocus.com/bid/98958
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger
Related Vulnerabilities
CVE-2016-10531 Vulnerability in maven package org.webjars.npm:marked
CVE-2020-2118 Vulnerability in maven package org.jenkins-ci.plugins:pipeline-githubnotify-step
CVE-2020-2135 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2023-26134 Vulnerability in npm package git-commit-info
CVE-2021-40146 Vulnerability in maven package org.apache.any23:apache-any23-core