VYPR

Maven package

org.apache.hive/hive-llap-common

pkg:maven/org.apache.hive/hive-llap-common

Vulnerabilities (1)

  • CVE-2024-23953Jan 28, 2025
    affected < 4.0.0fixed 4.0.0

    Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attacker should be an authorized user of the product to perform this attack. Users are recommended to upgrad