13 matches found
Improper Access Control
org.apache.hive:hive-exec is vulnerable to Improper Access Control. The credentials file is created with default permissions of 644 in a temporary directory, allowing unauthorized users to read sensitive information...
ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +638 more potentially affected by CVE-2024-29869 via org.apache.hive:hive-exec (>=0.10.0 <=4.0.0)
org.apache.hive:hive-exec MAVEN version =0.10.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.86, =0.0.8, =0.0.6, =3.18.0.9, =6.5.0, =1.5.8, =0.2.7, =1.3.3, =1.4.0, =1.0.0, =2.0.0, =3.1.0 and more Source cves: CVE-2024-29869 Source advisory: OSV:GHSA-C476-J253-5RGQ...
org.apache.hive.hcatalog:hive-hcatalog-core (=4.0.0-alpha-1), org.apache.hive.hcatalog:hive-hcatalog-pig-adapter (=4.0.0-alpha-1) +18 more potentially affected by CVE-2022-41137 via org.apache.hive:hive-exec (=4.0.0-alpha-1)
org.apache.hive:hive-exec MAVEN version =4.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - org.apache.hive.hcatalog:hive-hcatalog-core =4.0.0-alpha-1 -...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.10), com.linkedin.tony:tony-cli (>=0.1.5 <=0.3.3) +3 more potentially affected by CVE-2015-1772 via org.apache.hive:hive-exec (=1.1.0)
org.apache.hive:hive-exec MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - ai.h2o:h2o-orc-parser =3.18.0.9, =0.1.5, =0.1.5, =0.11.0, =0.11.1 Source cves: CVE-2015-1772 Source advisory...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.10), com.alibaba.blink:flink-hcatalog (>=blink-3.2.0 <=blink-3.7.0) +138 more potentially affected by CVE-2016-3083 via org.apache.hive:hive-exec (>=0.10.0 <=1.2.1)
org.apache.hive:hive-exec MAVEN version =0.10.0, =3.18.0.9, =blink-3.2.0, =1.0.1-migration, =0.60.0, =1.0.1, =0.6, =0.6, =0.6, =0.6, =0.7 - com.facebook.giraph.hive:hive-io-experimental =0.5 - com.facebook.hiveio:hive-io-exp-cmdline =0.8 - com.facebook.hiveio:hive-io-exp-core =0.8 -...
io.druid.extensions.contrib:druid-orc-extensions (>=0.10.0 <=0.12.3), org.apache.tajo:tajo-hive (>=0.11.2 <=0.11.3) potentially affected by CVE-2016-3083 via org.apache.hive:hive-exec (=2.0.0)
org.apache.hive:hive-exec MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - io.druid.extensions.contrib:druid-orc-extensions =0.10.0, =0.11.2, =0.11.3 Source cves: CVE-2016-3083 Source...
com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0), com.scylladb.alternator:hive2-shims (>=5.6.0 <=5.8.0) potentially affected by CVE-2017-12625 via org.apache.hive:hive-exec (=2.3.0)
org.apache.hive:hive-exec MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - com.amazon.emr:hive2-shims =5.0.0, =5.6.0, =5.8.0 Source cves: CVE-2017-12625 Source advisory:...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.10), com.alibaba.blink:flink-hcatalog (>=blink-3.2.0 <=blink-3.7.0) +205 more potentially affected by CVE-2018-11777 via org.apache.hive:hive-exec (>=0.10.0 <=2.3.3)
org.apache.hive:hive-exec MAVEN version =0.10.0, =3.18.0.9, =blink-3.2.0, =5.0.0, =1.0.1-migration, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =0.60.0, =4.1.2-RELEASE, =1.0.1, =0.6, =0.6, =0.6, =0.7 and more Source cves: CVE-2018-11777 Source advisory: OSV:GHSA-RRFQ-G5FQ-FC9...
ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.10), com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0) +106 more potentially affected by CVE-2018-1284 via org.apache.hive:hive-exec (>=0.8.0 <=2.3.2)
org.apache.hive:hive-exec MAVEN version =0.8.0, =3.18.0.9, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =0.1.1, =4.0.0-preview22.0.1, =1.0.5, =0.1.5, =0.1.5, =0.3.3 and more Source cves: CVE-2018-1284 Source advisory: OSV:GHSA-RXMR-C9JM-7MM8...
com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0), com.boozallen.aissemble:extensions-data-delivery-spark (>=1.13.0-rc6 <=2.0.0) +56 more potentially affected by CVE-2018-1315 via org.apache.hive:hive-exec (>=2.1.0 <=2.3.2)
org.apache.hive:hive-exec MAVEN version =2.1.0, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =4.0.0-preview22.0.1, =5.6.0, =4.0.00.31.1-prerelease6, =4.0.0, =4.1.0, =4.2.0 and more Source cves: CVE-2018-1315 Source advisory: OSV:GHSA-P639-XXV5-J383...
com.alibaba.blink:flink-hcatalog (>=blink-3.2.0 <=blink-3.7.0), com.bazaarvoice.emodb:emodb-sor-hive (>=1.0.1-migration <=6.2.3) +85 more potentially affected by CVE-2014-0228 via org.apache.hive:hive-exec (>=0.10.0 <=0.13.0)
org.apache.hive:hive-exec MAVEN version =0.10.0, =blink-3.2.0, =1.0.1-migration, =0.60.0, =1.0.1, =0.6, =0.6, =0.6, =0.6, =1.11.2, =1.11.2, =1.11.9 and more Source cves: CVE-2014-0228 Source advisory: OSV:GHSA-W4X9-4F5X-8JJ8...
Information Disclosure
hive-exec is vulnerable to information disclosure. The library does not properly handle permissions of entities in an EXPLAIN operation, allowing a malicious user to use the operation to gain access to sensitive information in an arbitrary table, view, metadata or statistics...
Leakage Of File And Folder Information
hive-exec is vulnerable to the leakage of file and folder information. File and folder information is logged when a query is canceled and the thread is interrupted...