hive-exec is vulnerable to an information disclosure.The library does not properly handle permissions of entities in an EXPLAIN
operation, allowing a malicious user to use the operation to gain access to sensitive information in an arbitrary table, view, metadata or statistics.
CPE | Name | Operator | Version |
---|---|---|---|
hive query language | le | 1.2.1 | |
hive query language | le | 3.1.0 | |
hive query language | le | 2.3.3 |