Medium severity4.3NVD Advisory· Published Nov 1, 2017· Updated Jun 17, 2026
CVE-2017-12625
CVE-2017-12625
Description
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.hive:hiveMaven | >= 2.1.0, < 2.1.2 | 2.1.2 |
org.apache.hive:hiveMaven | >= 2.2.0, < 2.2.1 | 2.2.1 |
org.apache.hive:hiveMaven | >= 2.3.0, < 2.3.1 | 2.3.1 |
org.apache.hive:hive-execMaven | >= 2.1.0, < 2.1.2 | 2.1.2 |
org.apache.hive:hive-execMaven | >= 2.2.0, < 2.2.1 | 2.2.1 |
org.apache.hive:hive-execMaven | >= 2.3.0, < 2.3.1 | 2.3.1 |
org.apache.hive:hive-serviceMaven | >= 2.1.0, < 2.1.2 | 2.1.2 |
org.apache.hive:hive-serviceMaven | >= 2.2.0, < 2.2.1 | 2.2.1 |
org.apache.hive:hive-serviceMaven | >= 2.3.0, < 2.3.1 | 2.3.1 |
Affected products
8- ghsa-coords3 versionspkg:maven/org.apache.hive/hivepkg:maven/org.apache.hive/hive-execpkg:maven/org.apache.hive/hive-service
>= 2.1.0, < 2.1.2+ 2 more
- (no CPE)range: >= 2.1.0, < 2.1.2
- (no CPE)range: >= 2.1.0, < 2.1.2
- (no CPE)range: >= 2.1.0, < 2.1.2
Patches
Vulnerability mechanics
References
4- mail-archives.apache.org/mod_mbox/hive-user/201710.mbox/%3C3791103E-80D5-4E75-AF23-6F8ED54DDEBE%40apache.org%3EnvdMailing ListVendor AdvisoryWEB
- www.securityfocus.com/bid/101686nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-2g9q-chq2-w8qwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-12625ghsaADVISORY
News mentions
0No linked articles in our index yet.