CVE-2017-5654: XPath Injection

May 12, 2017 (updated May 23, 2017)

An authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

References

nvd.nist.gov/vuln/detail/CVE-2017-5654

Detect and mitigate CVE-2017-5654 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →