Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-gqah-8x44-a3c9

Summary

Aliases

alias	CVE-2018-1282

alias	GHSA-jf2m-435m-mxw8

Fixed_packages

url pkg:maven/org.apache.hive/hive-jdbc@2.3.3

purl pkg:maven/org.apache.hive/hive-jdbc@2.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.3.3

Affected_packages

url pkg:maven/org.apache.hive/hive-jdbc@0.7.1

purl pkg:maven/org.apache.hive/hive-jdbc@0.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.7.1

url pkg:maven/org.apache.hive/hive-jdbc@0.8.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.8.0

url pkg:maven/org.apache.hive/hive-jdbc@0.8.1

purl pkg:maven/org.apache.hive/hive-jdbc@0.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.8.1

url pkg:maven/org.apache.hive/hive-jdbc@0.9.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.9.0

url pkg:maven/org.apache.hive/hive-jdbc@0.10.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.10.0

url pkg:maven/org.apache.hive/hive-jdbc@0.11.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.11.0

url pkg:maven/org.apache.hive/hive-jdbc@0.12.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.12.0

url pkg:maven/org.apache.hive/hive-jdbc@0.13.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.13.0

url pkg:maven/org.apache.hive/hive-jdbc@0.13.1

purl pkg:maven/org.apache.hive/hive-jdbc@0.13.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.13.1

url pkg:maven/org.apache.hive/hive-jdbc@0.14.0

purl pkg:maven/org.apache.hive/hive-jdbc@0.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@0.14.0

url pkg:maven/org.apache.hive/hive-jdbc@1.0.0

purl pkg:maven/org.apache.hive/hive-jdbc@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.0.0

url pkg:maven/org.apache.hive/hive-jdbc@1.0.1

purl pkg:maven/org.apache.hive/hive-jdbc@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.0.1

url pkg:maven/org.apache.hive/hive-jdbc@1.1.0

purl pkg:maven/org.apache.hive/hive-jdbc@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.1.0

url pkg:maven/org.apache.hive/hive-jdbc@1.1.1

purl pkg:maven/org.apache.hive/hive-jdbc@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.1.1

url pkg:maven/org.apache.hive/hive-jdbc@1.2.0

purl pkg:maven/org.apache.hive/hive-jdbc@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.2.0

url pkg:maven/org.apache.hive/hive-jdbc@1.2.1

purl pkg:maven/org.apache.hive/hive-jdbc@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

vulnerability	VCID-xf72-ztd4-8kgd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.2.1

url pkg:maven/org.apache.hive/hive-jdbc@1.2.2

purl pkg:maven/org.apache.hive/hive-jdbc@1.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@1.2.2

url pkg:maven/org.apache.hive/hive-jdbc@2.0.0

purl pkg:maven/org.apache.hive/hive-jdbc@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.0.0

url pkg:maven/org.apache.hive/hive-jdbc@2.0.1

purl pkg:maven/org.apache.hive/hive-jdbc@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.0.1

url pkg:maven/org.apache.hive/hive-jdbc@2.1.0

purl pkg:maven/org.apache.hive/hive-jdbc@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bhp4-12yw-bqdn

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.1.0

url pkg:maven/org.apache.hive/hive-jdbc@2.1.1

purl pkg:maven/org.apache.hive/hive-jdbc@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bhp4-12yw-bqdn

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.1.1

url pkg:maven/org.apache.hive/hive-jdbc@2.2.0

purl pkg:maven/org.apache.hive/hive-jdbc@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bhp4-12yw-bqdn

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.2.0

url pkg:maven/org.apache.hive/hive-jdbc@2.3.0

purl pkg:maven/org.apache.hive/hive-jdbc@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bhp4-12yw-bqdn

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.3.0

url pkg:maven/org.apache.hive/hive-jdbc@2.3.1

purl pkg:maven/org.apache.hive/hive-jdbc@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.3.1

url pkg:maven/org.apache.hive/hive-jdbc@2.3.2

purl pkg:maven/org.apache.hive/hive-jdbc@2.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gqah-8x44-a3c9

vulnerability	VCID-jq4c-tghp-s3c8

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive-jdbc@2.3.2

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1282

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.53371
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1282

reference_url

https://github.com/apache/hive

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/hive

reference_url	https://github.com/apache/hive/commit/0330c1c0b62f3c2e6a4744048578dea55193b62
reference_id
reference_type
scores
url	https://github.com/apache/hive/commit/0330c1c0b62f3c2e6a4744048578dea55193b62

reference_url	https://github.com/apache/hive/commit/63df42966cf44ffdd20d3fcdcfb70738c0432ab
reference_id
reference_type
scores
url	https://github.com/apache/hive/commit/63df42966cf44ffdd20d3fcdcfb70738c0432ab

reference_url

https://lists.apache.org/thread.html/74bd2bff1827febb348dfb323986fa340d3bb97a315ab93c3ccc8299@%3Cdev.hive.apache.org%3E

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/74bd2bff1827febb348dfb323986fa340d3bb97a315ab93c3ccc8299@%3Cdev.hive.apache.org%3E

reference_url

https://web.archive.org/web/20200227125536/http://www.securityfocus.com/bid/103751

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227125536/http://www.securityfocus.com/bid/103751

reference_url	http://www.securityfocus.com/bid/103751
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/103751

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1282

reference_id

CVE-2018-1282

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1282

reference_url

https://github.com/advisories/GHSA-jf2m-435m-mxw8

reference_id

GHSA-jf2m-435m-mxw8

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-jf2m-435m-mxw8

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	89
name	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
description	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 9.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqah-8x44-a3c9

Vulnerability Instance