4 matches found
Input validation
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the 1 reflect, 2 reflect2, or 3 javamethod Hive builtin functions...
CVE-2016-0760
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the 1 reflect, 2 reflect2, or 3 javamethod Hive builtin functions...
CVE-2016-0760
CVE-2016-0760 pertains to Apache Sentry prior to 1.7.0, where multiple incomplete blacklist checks allow remote authenticated users to execute arbitrary code through the Hive builtin functions reflect, reflect2, and java_method. The linked records (NVD, OSV, CNVD, CVE lists) consistently describe...
Hive Built-in Function Arbitrary Code Execution Vulnerability
hive is a data warehouse tool based on Hadoop that maps structured data files to a single database table and provides simple sql query functionality that can convert sql statements into MapReduce tasks to run. Arbitrary code execution vulnerabilities exist in the 'reflect', 'reflect2' and...