org.apache.atlas:apache-atlas (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.atlas:apache-atlas, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-34271 — CVSS 8.8 (high): A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache…
CVE-2026-40563 — CVSS 8.1 (high): Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas Apache Atlas exposes a DSL search…
CVE-2024-46910 — CVSS 7.1 (high): An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier…
CVE-2019-10070 — CVSS 6.1 (medium): Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality
CVE-2020-13928 — CVSS 6.1 (medium): Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and…