Описание
SQL Injection in hive-jdbc
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.
Ссылки
Пакеты
org.apache.hive:hive-jdbc
>= 0.7.1, < 2.3.3
2.3.3
Связанные уязвимости
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.
Уязвимость компонента Analytics Server программной платформы Oracle Business Intelligence Enterprise Edition, позволяющая нарушителю выполнить произвольные SQL команды