pkg:maven/org.apache.hive/hive

Type maven

Namespace org.apache.hive

Name hive

Known advisories, vulnerabilities and fixes for org.apache.hive/hive package.

Repository: https://mvnrepository.com/artifact/org.apache.hive/hive

High 4

Moderate 2

Low 3

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	= 2.3.0 = 2.2.0 >= 2.1.0, < 2.1.2		CVE-2017-12625	MAVEN:GHSA-2G9Q-CHQ2-W8QW	Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	moderate	2019-03-14T15:40:16 (5 years ago)
Fixed	= 2.3.1 = 2.2.1 = 2.1.2		CVE-2017-12625	MAVEN:GHSA-2G9Q-CHQ2-W8QW	Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	moderate	2019-03-14T15:40:16 (5 years ago)
Affected	< 2.3.8		CVE-2020-1926	MAVEN:GHSA-54G4-5CF6-HJP3	Apache Hive Information Exposure and Observable Timing Discrepancy	moderate	2022-02-09T00:48:54 (2 years ago)
Fixed	= 2.3.8		CVE-2020-1926	MAVEN:GHSA-54G4-5CF6-HJP3	Apache Hive Information Exposure and Observable Timing Discrepancy	moderate	2022-02-09T00:48:54 (2 years ago)
Affected	= 1.1.0 = 1.0.0		CVE-2015-1772	MAVEN:GHSA-5GVM-HRW5-H6XF	Improper Authentication in org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	high	2019-03-14T15:40:44 (5 years ago)
Fixed	= 1.1.1 = 1.0.1		CVE-2015-1772	MAVEN:GHSA-5GVM-HRW5-H6XF	Improper Authentication in org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	high	2019-03-14T15:40:44 (5 years ago)
Affected	>= 1.0.0, < 1.2.2		CVE-2015-7521	MAVEN:GHSA-83R3-C79W-F6WC	High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	high	2018-11-21T22:23:49 (5 years ago)
Fixed	= 1.2.2		CVE-2015-7521	MAVEN:GHSA-83R3-C79W-F6WC	High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service	high	2018-11-21T22:23:49 (5 years ago)
Affected	= 2.0.0 < 1.2.2		CVE-2016-3083	MAVEN:GHSA-GF2V-9HP6-44QG	org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation	high	2019-03-14T15:40:32 (5 years ago)
Fixed	= 2.0.1 = 1.2.2		CVE-2016-3083	MAVEN:GHSA-GF2V-9HP6-44QG	org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation	high	2019-03-14T15:40:32 (5 years ago)
Affected	>= 2.1.0, < 2.3.3		CVE-2018-1315	MAVEN:GHSA-P639-XXV5-J383	Incorrect Permission Assignment for Critical Resource in Apache hive	low	2018-11-21T22:24:08 (5 years ago)
Fixed	= 2.3.3		CVE-2018-1315	MAVEN:GHSA-P639-XXV5-J383	Incorrect Permission Assignment for Critical Resource in Apache hive	low	2018-11-21T22:24:08 (5 years ago)
Affected	>= 0.6.0, < 2.3.3		CVE-2018-1284	MAVEN:GHSA-RXMR-C9JM-7MM8	Exposure of Sensitive Information to an Unauthorized Actor in Apache hive	low	2018-11-21T22:24:22 (5 years ago)
Fixed	= 2.3.3		CVE-2018-1284	MAVEN:GHSA-RXMR-C9JM-7MM8	Exposure of Sensitive Information to an Unauthorized Actor in Apache hive	low	2018-11-21T22:24:22 (5 years ago)
Affected	< 3.1.3		CVE-2021-34538	MAVEN:GHSA-V3P8-J597-3XG8	Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization.	high	2022-07-17T00:00:45 (2 years ago)
Fixed	= 3.1.3		CVE-2021-34538	MAVEN:GHSA-V3P8-J597-3XG8	Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization.	high	2022-07-17T00:00:45 (2 years ago)
Affected	< 0.13.1		CVE-2014-0228	MAVEN:GHSA-W4X9-4F5X-8JJ8	Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service	low	2018-11-21T22:23:29 (5 years ago)
Fixed	= 0.13.1		CVE-2014-0228	MAVEN:GHSA-W4X9-4F5X-8JJ8	Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service	low	2018-11-21T22:23:29 (5 years ago)