VYPR

Maven package

org.apache.hbase/hbase-thrift

pkg:maven/org.apache.hbase/hbase-thrift

Vulnerabilities (1)

  • CVE-2018-8025HigJun 27, 2018
    affected >= 2.0.0, < 2.0.1fixed 2.0.1

    CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. There is a race-condition which could lead to authenticated sessions being incorrectly applied to users, e.g. one authenticated user would be considered a diff