CVE-2024-45479

CVE-2024-45479: Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost

Vendor Apache Software Foundation

Product Apache Ranger

Weakness CWE-918 · SSRF

Published January 21, 2025

Last update June 10, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.

Key dates

Disclosure timeline

January 21, 2025 CVE published

June 10, 2025 Record updated