📦 Ambari

Name: Ambari
Author: Apache

by Apache

🔍 What is Ambari?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-23195

HIGH CVSS 7.5 Jan 21, 2025

An XML External Entity (XXE) vulnerability in Apache Ambari/Oozie allows attackers to inject malicious XML entities due to insecure parsing with DocumentBuilderFactory. This enables reading arbitrary ...

CVE-2025-23196

HIGH CVSS 8.8 Jan 21, 2025

This CVE describes a code injection vulnerability in Apache Ambari's Alert Definition feature where authenticated users can inject arbitrary shell commands through the script filename field. The vulne...

CVE-2023-50379

HIGH CVSS 8.8 Feb 27, 2024

This vulnerability allows a cluster operator with existing access to inject malicious code into Apache Ambari requests, potentially gaining root privileges on the cluster's main host. It affects Apach...

CVE-2020-13924

HIGH CVSS 7.5 Mar 17, 2021

This directory traversal vulnerability in Apache Ambari allows malicious users to construct file names that escape intended directories, enabling unauthorized file downloads. It affects Apache Ambari ...