6 matches found
ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +555 more potentially affected by CVE-2024-29869 via org.apache.hive:hive-exec (>=0.8.0 <=4.0.0)
org.apache.hive:hive-exec MAVEN version =0.8.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.86, =0.0.8, =0.0.6, =3.18.0.9, =6.5.0, =1.5.8, =0.2.7, =1.3.3, =1.4.0, =1.0.0, =2.0.0, =3.1.0 and more Source cves: CVE-2024-29869 Source advisory: OSV:GHSA-C476-J253-5RGQ...
CVE-2024-29869
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869
creationtimestamp| type| source ---|---|--- 2025-01-28 21:36:45+00:00| seen| https://infosec.exchange/users/cve/statuses/113908135028434980 2025-01-28 21:52:38+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lgtgv2wfd62q 2025-01-28 22:15:36+00:00| seen|...
CVE-2024-29869 Apache Hive: Credentials file created with non restrictive permissions
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869
CVE-2024-29869 describes a permission misconfiguration where Hive writes a credentials file to a temporary directory with 644 permissions when unconstrained, allowing read access by unauthorized users. The issue is documented for Hive and is reflected in IBM watsonx.data advisories, which cite af...
CVE-2024-29869 Apache Hive: Credentials file created with non restrictive permissions
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...