20 matches found
CVE-2024-23953
CVE-2024-23953 affects Apache Hive (LLAP); uses Arrays.equals() in LlapSignerImpl to compare signatures, introducing a timing discrepancy that can enable signature forgery by an authorized user. The issue stems from non-constant-time comparison, where mismatched bytes may reveal information throu...
CVE-2024-23945
CVE-2024-23945 → CookieSigner exposes the correct cookie signature to end users when a signature mismatch occurs. Affected: Hive service component and Spark Hive-ThriftServer (versions tied to HIVE-9710 1.2.0 and SPARK-14987 2.0.0). Root cause: flawed CookieSigner logic allows exposure of the sig...
CVE-2020-13949
CVE-2020-13949 affects Apache Thrift versions 0.9.3 through 0.13.0. The issue: malicious RPC clients can send short messages that trigger extremely large memory allocations, leading to a denial of service. The connected advisories confirm a remote DoS risk in Thrift with impact on servers handlin...
CVE-2022-41137
CVE-2022-41137 describes a vulnerability in Apache Hive Metastore (HMS) where the call to SerializationUtilities#deserializeObjectWithTypeInformation during filtering/fetching partitions is unsafe and can lead to remote code execution (RCE) via deserializing arbitrary data. The exploit requires a...
CVE-2018-1282
CVE-2018-1282 affects Apache Hive JDBC driver versions 0.7.1 through 2.3.2. The vulnerability arises from an error in the PreparedStatement argument handling, allowing carefully crafted inputs to bypass the driver’s argument escaping/cleanup. Several connected documents corroborate this CVE in th...
CVE-2018-21234
Jodd before 5.0.4 is affected by CVE-2018-21234: Deserialization of Untrusted JSON Data when setClassMetadataName is set. The issue stems from how the library handles deserialization, enabling potentially untrusted data to be deserialized. Impact is indicated as high (NVD CVSS v3.1 base score 9.8...
CVE-2021-34538
CVE-2021-34538 affects Apache Hive (before 3.1.3). The vulnerability arises when performing CREATE and DROP operations for UDFs, as authorization checks for involved entities are missing. This could allow an unauthorized user to drop and recreate UDFs and point them to new jars that may be malici...
CVE-2018-1314
CVE-2018-1314 affects Apache Hive 2.3.3, 3.1.0 and earlier. The EXPLAIN operation fails to enforce authorization on involved entities, allowing an unauthorized user to run EXPLAIN on arbitrary tables/views and disclose table metadata and statistics. Concrete references include NVD/CVE records and...
CVE-2018-1315
CVE-2018-1315 affects Apache Hive 2.1.0–2.3.2 when using the HPL/SQL extension and issuing COPY FROM FTP. The FTP client does not verify the destination path, allowing a compromised FTP server to cause the downloaded file to be written to an arbitrary location on the cluster where the command is ...
CVE-2015-7521
The CVE-2015-7521 entry concerns Apache Hive (versions 1.0.0–1.2.1) run on clusters protected by Ranger and SqlStdHiveAuthorization. It describes an authorization bypass where partition-level operations can grant access that should be denied at the parent table level, effectively bypassing parent...
CVE-2023-35701
Summary (CVE-2023-35701) : The issue is an improper control of code generation (code injection) in the Apache Hive JDBC driver component . It can allow an attacker with sufficient JDBC URL permissions to trigger arbitrary commands on the machine running the JDBC client, by serving a malicious HTT...
CVE-2018-1284
CVE-2018-1284 affects Apache Hive versions 0.6.0 through 2.3.2. A malicious user can leverage any of the xpath UDFs (xpath, xpath_string, xpath_boolean, xpath_number, xpath_double, xpath_float, xpath_long, xpath_int, xpath_short) to expose the content of a local file on the machine running HiveSe...
CVE-2017-12625
The CVE-2017-12625 issue affects Apache Hive: versions 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface for defining masking policies on tables/views (e.g., via Apache Ranger). Root cause: when a view is created over a table, policy enforcement is not correctly a...
CVE-2018-11777
CVE-2018-11777 affects Apache Hive (HiveServer2). In HiveServer2, local resources are not properly protected against a malicious user when the Ranger, Sentry, or SQL standard authorizer is not in use, across Hive versions 2.3.3, 3.1.0 and earlier. The root cause is insufficient protection of loca...
CVE-2020-1926
CVE-2020-1926 affects Apache Hive: cookie signature verification used a non-constant-time comparison, enabling timing attacks that could recover another user’s cookie signature. The issue is addressed in Apache Hive 2.3.8. Connected references describe the vulnerability as an information-disclosu...
CVE-2014-0228
CVE-2014-0228 affects Apache Hive 0.13.0 (prior to 0.13.1). In SQL standards based authorization mode, the directory permissions for URIs used in import/export statements are not properly checked, allowing remote authenticated users to access sensitive information via a crafted URI. Documented im...
CVE-2016-3083
CVE-2016-3083 affects Apache Hive JDBC/HiveServer2: SSL is used for plain TCP and HTTP, but the client may fail to verify the certificate’s common name during the SSL handshake in Hive versions before 1.2.2 and 2.0.x before 2.0.1. This can allow a server presenting a valid CA-signed cert for a di...
CVE-2024-29869
CVE-2024-29869 describes a permission misconfiguration where Hive writes a credentials file to a temporary directory with 644 permissions when unconstrained, allowing read access by unauthorized users. The issue is documented for Hive and is reflected in IBM watsonx.data advisories, which cite af...
CVE-2015-1772
CVE-2015-1772 affects HiveServer2 LDAP authentication in Apache Hive (used in IBM InfoSphere BigInsights and similar products). The issue arises when LDAP authentication is configured with simple unauthenticated or anonymous binds, letting remote attackers bypass authentication via crafted LDAP r...
CVE-2025-62728
CVE-2025-62728 (Apache Hive) : SQL injection in the Hive Metastore Server (HMS) when handling delete column statistics via Thrift APIs. Exploitation is limited to trusted/authorized callers with direct Thrift access; in typical deployments HMS is not publicly exposed and the issue is mitigated if...