📦 Hive

This vulnerability in Apache Hive Metastore allows authenticated users to achieve remote code execution by exploiting unsafe deserialization in partition filtering operations. Only authenticated clien...

This vulnerability in Apache Hive allows unauthorized users to manipulate existing User-Defined Functions (UDFs) without proper authorization checks. Attackers can drop and recreate UDFs to point to m...

This SQL injection vulnerability in Apache Hive Metastore Server allows authorized users to execute arbitrary SQL commands when calling Thrift APIs to delete column statistics. It affects Hive version...

Apache Hive and Spark expose correct cookie signatures during signature mismatch errors, potentially allowing attackers to forge valid signed cookies. This affects systems using Hive service or Spark ...

This CVE describes a code injection vulnerability in Apache Hive's JDBC driver that allows arbitrary code execution on client systems. Attackers can exploit it by tricking users into connecting to mal...