Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hive/hive-service@1.1.1
Typemaven
Namespaceorg.apache.hive
Namehive-service
Version1.1.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.0.0
Latest_non_vulnerable_version4.0.0
Affected_by_vulnerabilities
0
url VCID-cccj-uhyy-hbew
vulnerability_id VCID-cccj-uhyy-hbew
summary 
Information Exposure
In Apache Hiveto, malicious user might use any xpath UDFs to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user (usually hive) if `hive.serverenable.doAs=false`.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1284.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1284
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.6492
published_at 2026-06-05T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64878
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1284
2
reference_url https://github.com/apache/hive/commit/b0a58d245875dc1b3ac58a7cf1a61d3b17805e96
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/b0a58d245875dc1b3ac58a7cf1a61d3b17805e96
3
reference_url https://github.com/apache/hive/commit/f80a38ae1174553022deae4f8774918401d9756d
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hive/commit/f80a38ae1174553022deae4f8774918401d9756d
4
reference_url https://issues.apache.org/jira/browse/HIVE-18879
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HIVE-18879
5
reference_url https://lists.apache.org/thread.html/29184dbce4a37be2af36e539ecb479b1d27868f73ccfdff46c7174b4@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29184dbce4a37be2af36e539ecb479b1d27868f73ccfdff46c7174b4@%3Cdev.hive.apache.org%3E
6
reference_url http://www.securityfocus.com/bid/103750
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103750
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1564357
reference_id 1564357
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1564357
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1284
reference_id CVE-2018-1284
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1284
9
reference_url https://github.com/advisories/GHSA-rxmr-c9jm-7mm8
reference_id GHSA-rxmr-c9jm-7mm8
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rxmr-c9jm-7mm8
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@2.3.3
purl pkg:maven/org.apache.hive/hive-service@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
1
vulnerability VCID-gcgn-udwx-xqft
2
vulnerability VCID-he9j-yvcw-cuet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@2.3.3
aliases CVE-2018-1284, GHSA-rxmr-c9jm-7mm8
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cccj-uhyy-hbew
1
url VCID-e3vr-tx7y-xbg9
vulnerability_id VCID-e3vr-tx7y-xbg9
summary 
Improper Authentication
The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/hive-user/201601.mbox/%3C20160128205008.2154F185EB%40minotaur.apache.org%3E
1
reference_url http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/135836/Apache-Hive-Authorization-Bypass.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7521
reference_id
reference_type
scores
0
value 0.00404
scoring_system epss
scoring_elements 0.61323
published_at 2026-06-05T12:55:00Z
1
value 0.00404
scoring_system epss
scoring_elements 0.61275
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7521
3
reference_url https://github.com/apache/hive/commit/98f933f269e6b528ef84912b3d701ca3272ec04b
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/98f933f269e6b528ef84912b3d701ca3272ec04b
4
reference_url http://www.openwall.com/lists/oss-security/2016/01/28/12
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/01/28/12
5
reference_url http://www.securityfocus.com/archive/1/537549/100/0/threaded
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/537549/100/0/threaded
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7521
reference_id CVE-2015-7521
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7521
7
reference_url https://github.com/advisories/GHSA-83r3-c79w-f6wc
reference_id GHSA-83r3-c79w-f6wc
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-83r3-c79w-f6wc
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@1.2.2
purl pkg:maven/org.apache.hive/hive-service@1.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
1
vulnerability VCID-cccj-uhyy-hbew
2
vulnerability VCID-gcgn-udwx-xqft
3
vulnerability VCID-he9j-yvcw-cuet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@1.2.2
aliases CVE-2015-7521, GHSA-83r3-c79w-f6wc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3vr-tx7y-xbg9
2
url VCID-gcgn-udwx-xqft
vulnerability_id VCID-gcgn-udwx-xqft
summary 
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization.
Apache Hive before 3.1.3 `CREATE` and `DROP` function operations do not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-34538
reference_id
reference_type
scores
0
value 0.00451
scoring_system epss
scoring_elements 0.64028
published_at 2026-06-04T12:55:00Z
1
value 0.00451
scoring_system epss
scoring_elements 0.6407
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-34538
1
reference_url https://github.com/apache/hive
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hive
2
reference_url https://lists.apache.org/thread/oqqgnhz4c6nxsfd0xstosnk0g15f7354
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/oqqgnhz4c6nxsfd0xstosnk0g15f7354
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-34538
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-34538
4
reference_url https://github.com/advisories/GHSA-v3p8-j597-3xg8
reference_id GHSA-v3p8-j597-3xg8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v3p8-j597-3xg8
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@3.1.3
purl pkg:maven/org.apache.hive/hive-service@3.1.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@3.1.3
aliases CVE-2021-34538, GHSA-v3p8-j597-3xg8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcgn-udwx-xqft
3
url VCID-he9j-yvcw-cuet
vulnerability_id VCID-he9j-yvcw-cuet
summary 
Information Exposure
Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue was addressed in Apache Hive
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1926
reference_id
reference_type
scores
0
value 0.00478
scoring_system epss
scoring_elements 0.65352
published_at 2026-06-04T12:55:00Z
1
value 0.00478
scoring_system epss
scoring_elements 0.65404
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1926
1
reference_url https://issues.apache.org/jira/browse/HIVE-22708
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HIVE-22708
2
reference_url https://lists.apache.org/thread.html/rd186eedff68102ba1e68059a808101c5aa587e11542c7dcd26e7b9d7%40%3Cuser.hive.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd186eedff68102ba1e68059a808101c5aa587e11542c7dcd26e7b9d7%40%3Cuser.hive.apache.org%3E
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1926
reference_id CVE-2020-1926
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1926
4
reference_url https://github.com/advisories/GHSA-54g4-5cf6-hjp3
reference_id GHSA-54g4-5cf6-hjp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-54g4-5cf6-hjp3
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@2.3.8
purl pkg:maven/org.apache.hive/hive-service@2.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
1
vulnerability VCID-gcgn-udwx-xqft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@2.3.8
aliases CVE-2020-1926, GHSA-54g4-5cf6-hjp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-he9j-yvcw-cuet
4
url VCID-me8z-qek2-wfgn
vulnerability_id VCID-me8z-qek2-wfgn
summary 
Improper Certificate Validation
Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive does not seem to be verifying the common name attribute of the certificate. In this way, if a JDBC client sends an SSL request to server `abc.com`, and the server responds with a valid certificate (certified by CA) but issued to `xyz.com`, the client will accept that as a valid certificate and the SSL handshake will go through.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3083
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42874
published_at 2026-06-04T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42948
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3083
1
reference_url https://lists.apache.org/thread.html/0851bcf85635385f94cdaa008053802d92b4aab0a3075e30ed171192@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/0851bcf85635385f94cdaa008053802d92b4aab0a3075e30ed171192@%3Cdev.hive.apache.org%3E
2
reference_url http://www.securityfocus.com/bid/98669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/98669
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3083
reference_id CVE-2016-3083
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3083
4
reference_url https://github.com/advisories/GHSA-gf2v-9hp6-44qg
reference_id GHSA-gf2v-9hp6-44qg
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gf2v-9hp6-44qg
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@1.2.2
purl pkg:maven/org.apache.hive/hive-service@1.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
1
vulnerability VCID-cccj-uhyy-hbew
2
vulnerability VCID-gcgn-udwx-xqft
3
vulnerability VCID-he9j-yvcw-cuet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@1.2.2
1
url pkg:maven/org.apache.hive/hive-service@2.0.1
purl pkg:maven/org.apache.hive/hive-service@2.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-banm-xcds-4uad
1
vulnerability VCID-cccj-uhyy-hbew
2
vulnerability VCID-gcgn-udwx-xqft
3
vulnerability VCID-he9j-yvcw-cuet
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@2.0.1
aliases CVE-2016-3083, GHSA-gf2v-9hp6-44qg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-me8z-qek2-wfgn
Fixing_vulnerabilities
0
url VCID-6ppt-m2fe-1uge
vulnerability_id VCID-6ppt-m2fe-1uge
summary 
Improper Authentication
The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201505.mbox/%3CCAOpgucy52yzNN1FaRcxwhZmx8ZtNRjmK6V0Bxk4svAD-R1q70Q@mail.gmail.com%3E
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/www-announce/201505.mbox/%3CCAOpgucy52yzNN1FaRcxwhZmx8ZtNRjmK6V0Bxk4svAD-R1q70Q@mail.gmail.com%3E
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1772.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1772.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1772
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.37065
published_at 2026-06-05T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.36975
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1772
3
reference_url https://github.com/apache/hive/commit/6929846a8120eaf094b914b4ca8af80b65f891c8
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/6929846a8120eaf094b914b4ca8af80b65f891c8
4
reference_url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
5
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21969546
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www-01.ibm.com/support/docview.wss?uid=swg21969546
6
reference_url http://www.securitytracker.com/id/1034365
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1034365
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1293837
reference_id 1293837
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1293837
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1772
reference_id CVE-2015-1772
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1772
9
reference_url https://github.com/advisories/GHSA-5gvm-hrw5-h6xf
reference_id GHSA-5gvm-hrw5-h6xf
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5gvm-hrw5-h6xf
fixed_packages
0
url pkg:maven/org.apache.hive/hive-service@1.0.1
purl pkg:maven/org.apache.hive/hive-service@1.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cccj-uhyy-hbew
1
vulnerability VCID-e3vr-tx7y-xbg9
2
vulnerability VCID-gcgn-udwx-xqft
3
vulnerability VCID-he9j-yvcw-cuet
4
vulnerability VCID-me8z-qek2-wfgn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@1.0.1
1
url pkg:maven/org.apache.hive/hive-service@1.1.1
purl pkg:maven/org.apache.hive/hive-service@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cccj-uhyy-hbew
1
vulnerability VCID-e3vr-tx7y-xbg9
2
vulnerability VCID-gcgn-udwx-xqft
3
vulnerability VCID-he9j-yvcw-cuet
4
vulnerability VCID-me8z-qek2-wfgn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@1.1.1
aliases CVE-2015-1772, GHSA-5gvm-hrw5-h6xf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ppt-m2fe-1uge
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-service@1.1.1