Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2021-34538 | Low | Jul 16, 2022 | Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. It was f more... |
2.3.7, 3.1.2, 2.3.6, 2.3.5, 2.3.4, 3.1.1, 3.1.0, 3.0.0, 2.3.3, 2.3.2
|
|
CVE-2020-1926 | Medium | Mar 16, 2021 | Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recov more... |
2.3.7, 2.3.6, 2.3.5, 2.3.4, 2.3.3, 2.3.2, 2.3.1, 2.2.0, 2.3.0, 1.2.2
|
|
CVE-2020-13949 | Medium | Feb 12, 2021 | In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading more... |
2.3.7, 3.1.2, 2.3.6, 2.3.5, 2.3.4, 3.1.1, 3.1.0, 3.0.0, 2.3.3, 2.3.2
|