CVE-2017-7676: Improper Input Validation

October 17, 2018 (updated September 2, 2021)

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after ‘’ wildcard character - like mytest, test*.txt. This can result in unintended behavior.

References

github.com/advisories/GHSA-758m-6g3q-g3hh
nvd.nist.gov/vuln/detail/CVE-2017-7676

Code Behaviors & Features

Detect and mitigate CVE-2017-7676 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →