[HIVE-16035] Investigate potential SQL injection vulnerability in Hive - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Invalid
Affects Version/s: None
Fix Version/s: None
Component/s: Hive
Labels:
None

Description

Some of the queries in ObjectStore and MetastoreDirectSql classes append Strings variables directly to the query text. This JIRA is to investigate the possible vulnerabilities and fix them using parameterized queries.

Attachments

Activity

People

Assignee:: Vihang Karajgaonkar

Reporter:: Vihang Karajgaonkar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Feb/17 19:25

Updated:: 24/Feb/17 21:40

Resolved:: 24/Feb/17 21:36