Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-26791

Applicability of CVE-2022-3171 on Hive exec

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Hive
    • None

    Description

      Applicability of CVE-2022-3171  on Hive Exec 

      We are currently using hive-exec.jar - https://mvnrepository.com/artifact/org.apache.hive/hive-exec/2.3.7

      This jar contains, [ com.google|http://com.google/].protobuf v2.5.0 which has the vulnerability 'CVE 2022-3171'(https://nvd.nist.gov/vuln/detail/CVE-2022-3171)

      Could you please let us know if this vulnerability is a false positive or affects the hive-exec jar v2.3.7 in any way? 

      In case this vulnerability is applicable, can we have the fix ASAP

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            jeevireddy Jeevi Reddy Gudibandi
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: