Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheHive*

3 matches found

CVE
CVEadded 2021/02/12 8:15 p.m.573 views

CVE-2020-13949

In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.

7.5CVSS7.1AI score0.00838EPSS
CVE
CVEadded 2022/07/16 7:15 a.m.90 views

CVE-2021-34538

Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged u...

7.5CVSS7.3AI score0.00284EPSS
CVE
CVEadded 2021/03/16 1:15 p.m.63 views

CVE-2020-1926

Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue was addressed in Apache Hive 2.3.8

5.9CVSS5.4AI score0.00194EPSS