CookieSigner exposes correct signature upon verification failure, risking exploitation in Apache Hive and Spark.
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
Cvelist | CVE-2024-23945 Apache Hive, Apache Spark, Apache Spark: CookieSigner exposes the correct signature when message verification fails | 23 Dec 202415:26 | – | cvelist |
Github Security Blog | Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails | 23 Dec 202418:30 | – | github |
OSV | Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails | 23 Dec 202418:30 | – | osv |
OSV | CVE-2024-23945 | 23 Dec 202416:15 | – | osv |
CVE | CVE-2024-23945 | 23 Dec 202416:15 | – | cve |
Veracode | Sensitive Information Exposure | 8 Jan 202504:39 | – | veracode |
NVD | CVE-2024-23945 | 23 Dec 202416:15 | – | nvd |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo