pkg:maven/org.apache.hive/hive
Type
maven
Namespace
org.apache.hive
Name
hive
Known advisories, vulnerabilities and fixes for org.apache.hive/hive package.
High
4
Moderate
2
Low
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | = 2.3.0 = 2.2.0 >= 2.1.0, < 2.1.2 |
CVE-2017-12625
|
MAVEN:GHSA-2G9Q-CHQ2-W8QW | Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | moderate |
2019-03-14T15:40:16
(5 years ago) |
|
Fixed | = 2.3.1 = 2.2.1 = 2.1.2 |
CVE-2017-12625
|
MAVEN:GHSA-2G9Q-CHQ2-W8QW | Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | moderate |
2019-03-14T15:40:16
(5 years ago) |
|
Affected | < 2.3.8 |
CVE-2020-1926
|
MAVEN:GHSA-54G4-5CF6-HJP3 | Apache Hive Information Exposure and Observable Timing Discrepancy | moderate |
2022-02-09T00:48:54
(2 years ago) |
|
Fixed | = 2.3.8 |
CVE-2020-1926
|
MAVEN:GHSA-54G4-5CF6-HJP3 | Apache Hive Information Exposure and Observable Timing Discrepancy | moderate |
2022-02-09T00:48:54
(2 years ago) |
|
Affected | = 1.1.0 = 1.0.0 |
CVE-2015-1772
|
MAVEN:GHSA-5GVM-HRW5-H6XF | Improper Authentication in org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | high |
2019-03-14T15:40:44
(5 years ago) |
|
Fixed | = 1.1.1 = 1.0.1 |
CVE-2015-1772
|
MAVEN:GHSA-5GVM-HRW5-H6XF | Improper Authentication in org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | high |
2019-03-14T15:40:44
(5 years ago) |
|
Affected | >= 1.0.0, < 1.2.2 |
CVE-2015-7521
|
MAVEN:GHSA-83R3-C79W-F6WC | High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | high |
2018-11-21T22:23:49
(5 years ago) |
|
Fixed | = 1.2.2 |
CVE-2015-7521
|
MAVEN:GHSA-83R3-C79W-F6WC | High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service | high |
2018-11-21T22:23:49
(5 years ago) |
|
Affected | = 2.0.0 < 1.2.2 |
CVE-2016-3083
|
MAVEN:GHSA-GF2V-9HP6-44QG | org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation | high |
2019-03-14T15:40:32
(5 years ago) |
|
Fixed | = 2.0.1 = 1.2.2 |
CVE-2016-3083
|
MAVEN:GHSA-GF2V-9HP6-44QG | org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation | high |
2019-03-14T15:40:32
(5 years ago) |
|
Affected | >= 2.1.0, < 2.3.3 |
CVE-2018-1315
|
MAVEN:GHSA-P639-XXV5-J383 | Incorrect Permission Assignment for Critical Resource in Apache hive | low |
2018-11-21T22:24:08
(5 years ago) |
|
Fixed | = 2.3.3 |
CVE-2018-1315
|
MAVEN:GHSA-P639-XXV5-J383 | Incorrect Permission Assignment for Critical Resource in Apache hive | low |
2018-11-21T22:24:08
(5 years ago) |
|
Affected | >= 0.6.0, < 2.3.3 |
CVE-2018-1284
|
MAVEN:GHSA-RXMR-C9JM-7MM8 | Exposure of Sensitive Information to an Unauthorized Actor in Apache hive | low |
2018-11-21T22:24:22
(5 years ago) |
|
Fixed | = 2.3.3 |
CVE-2018-1284
|
MAVEN:GHSA-RXMR-C9JM-7MM8 | Exposure of Sensitive Information to an Unauthorized Actor in Apache hive | low |
2018-11-21T22:24:22
(5 years ago) |
|
Affected | < 3.1.3 |
CVE-2021-34538
|
MAVEN:GHSA-V3P8-J597-3XG8 | Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. | high |
2022-07-17T00:00:45
(2 years ago) |
|
Fixed | = 3.1.3 |
CVE-2021-34538
|
MAVEN:GHSA-V3P8-J597-3XG8 | Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization. | high |
2022-07-17T00:00:45
(2 years ago) |
|
Affected | < 0.13.1 |
CVE-2014-0228
|
MAVEN:GHSA-W4X9-4F5X-8JJ8 | Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service | low |
2018-11-21T22:23:29
(5 years ago) |
|
Fixed | = 0.13.1 |
CVE-2014-0228
|
MAVEN:GHSA-W4X9-4F5X-8JJ8 | Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service | low |
2018-11-21T22:23:29
(5 years ago) |