Advisories for Maven/Org.apache.atlas/Apache-Atlas package

2022

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.

2020

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality