CVE-2024-55532

Apache Ranger: Improper Neutralization of Formula Elements in a CSV File

Description

Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Users are recommended to upgrade to version 2.6.0, which fixes this issue.

INFO

Published Date :

2025-03-03T16:04:54.856Z

Last Modified :

2025-03-04T16:10:02.790Z

Source :

apache

AFFECTED PRODUCTS

The following products are affected by CVE-2024-55532 vulnerability.

Vendors	Products
Apache	Ranger

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-55532.

URL	Resource
http://www.openwall.com/lists/oss-security/2025/03/03/2
https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact