advisory-database icon indicating copy to clipboard operation
advisory-database copied to clipboard

Published 20 hours ago verified publisher icon github

[GHSA-jf2m-435m-mxw8] SQL Injection in hive-jdbc

Open MarkLee131 opened this issue 1 year ago • 1 comments

Updates

  • References

Comments Add a patch https://github.com/apache/hive/commit/63df42966cf44ffdd20d3fcdcfb70738c0432ab, of which the commit message claims HIVE-18788: Clean up inputs in JDBC PreparedStatement (Daniel Dai, reviewed by Thejas Nair)

Add a patch https://github.com/apache/hive/commit/0330c1c0b62f3c2e6a4744048578dea55193b62, of which the commit message claims HIVE-18788: Clean up inputs in JDBC PreparedStatement (Daniel Dai, reviewed by Thejas Nair)

MarkLee131 avatar Mar 04 '24 13:03 MarkLee131

Hey @MarkLee131, thanks for the PR. Any chance you also have a reference linking the HIVE-18788 id to the CVE?

darakian avatar Mar 04 '24 20:03 darakian

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.

taladrane avatar Mar 26 '24 00:03 taladrane