apache/hive: The latest CVE Vulnerabilities and Exploits for Penetration Test
apache/hive Vulnerability Summary Vendor name: apache Product name: hive Total vulnerabilities: 14 (as 2023-05-04) apache/hive Vulnerability List CVE-2020-1926: Apache Hive cookie signature verification used a non constant time comparison which is known to… Published: 2021-03-16T13:15:00 Last Modified: 2021-03-22T20:21:00
Summary
Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue was addressed in Apache Hive 2.