Lucene search

K

Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails

🗓️ 23 Dec 2024 18:47:30Reported by GoogleType 
osv
 osv
🔗 osv.dev👁 8 Views

CookieSigner in Apache Hive and Spark reveals correct signature on message verification failure, risking exploitation.

Show more
Related
Detection
Refs
Osv
Node
mavenorg.apache.hive\Matchhive\-service
OR
mavenorg.apache.spark\Matchspark\-hive\-thriftserver_2.11
OR
mavenorg.apache.spark\Matchspark\-hive\-thriftserver_2.12

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
23 Dec 2024 18:30Current
7High risk
Vulners AI Score7
CVSS35.9
EPSS0.0004
SSVC
8
.json
Report