4.0.1
13 years ago
2 months ago
Known vulnerabilities in the org.apache.hive:hive-jdbc package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of the package are vulnerable to SQL Injection attacks if
the input parameters are not properly cleaned.
An attacker may be send specially crafted arguments to bypass the argument escaping/cleanup that JDBC driver does in the How to fix SQL Injection? Upgrade | [0.7.1,2.3.3) |