6 matches found
Exposure of Sensitive Information to an Unauthorized Actor in Apache hive
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs xpath/xpathstring/xpathboolean/xpathnumber/xpathdouble/xpathfloat/xpathlong/xpathint/xpathshort to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user usually hive if...
CVE-2018-1284
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs xpath/xpathstring/xpathboolean/xpathnumber/xpathdouble/xpathfloat/xpathlong/xpathint/xpathshort to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user usually hive if...
CVE-2018-1284
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs xpath/xpathstring/xpathboolean/xpathnumber/xpathdouble/xpathfloat/xpathlong/xpathint/xpathshort to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user usually hive if...
CVE-2018-1284
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs xpath/xpathstring/xpathboolean/xpathnumber/xpathdouble/xpathfloat/xpathlong/xpathint/xpathshort to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user usually hive if...
CVE-2018-1284
In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs xpath/xpathstring/xpathboolean/xpathnumber/xpathdouble/xpathfloat/xpathlong/xpathint/xpathshort to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user usually hive if...
CVE-2018-1284
CVE-2018-1284 affects Apache Hive versions 0.6.0 through 2.3.2. A malicious user can leverage any of the xpath UDFs (xpath, xpath_string, xpath_boolean, xpath_number, xpath_double, xpath_float, xpath_long, xpath_int, xpath_short) to expose the content of a local file on the machine running HiveSe...