CVE-2018-1282
published 2018-04-05CVE-2018-1282: This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC…
critical9.1CVSS 3.0
AVNACLPRNUINSUCHIHAN
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | hive | 0.7.1 – 2.3.2 | — |
| apache_software_foundation | apache_hive | — | — |