High severity vulnerability that affects org.apache.hive:hive-jdbc

2018-11-21T22:24:34
ID GHSA-JF2M-435M-MXW8
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:05

Description

This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.