{"id":"CVE-2024-55532","details":"Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version \u003c 2.6.0.\nUsers are recommended to upgrade to version 2.6.0, which fixes this issue.","aliases":["GHSA-2h4w-p9fh-9rmv"],"modified":"2026-04-10T05:18:35.528196Z","published":"2025-03-03T16:15:38.777Z","references":[{"type":"ADVISORY","url":"https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2025/03/03/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/ranger","events":[{"introduced":"0"},{"fixed":"a1786ac2fe02196af9cda2ed25716310cac44d43"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.6.0"}]}}],"versions":["ranger-0.4.0-rc0","ranger-0.6.0-rc1","release-2.1.0-rc0","release-2.2.0-rc0","release-2.2.0-rc1","release-2.2.0-rc2","release-2.3.0-rc0","release-2.3.0-rc1","release-2.3.0-rc2","release-2.3.0-rc3","release-2.4.0-rc0","release-2.4.0-rc1","release-2.4.0-rc2","release-2.5.0-rc0","release-2.5.0-rc1","release-2.5.0-rc2","release-2.5.0-rc3","release-2.5.0-rc4","release-ranger-2.1.0","release-ranger-2.2.0","release-ranger-2.3.0","release-ranger-2.4.0","release-ranger-2.5.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-55532.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}