Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.hive/hive@2.3.1
Typemaven
Namespaceorg.apache.hive
Namehive
Version2.3.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.3.8
Latest_non_vulnerable_version3.1.3
Affected_by_vulnerabilities
0
url VCID-12xd-nb8g-23gc
vulnerability_id VCID-12xd-nb8g-23gc
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11777
reference_id
reference_type
scores
0
value 0.00249
scoring_system epss
scoring_elements 0.4836
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11777
1
reference_url https://github.com/apache/hive/commit/00c0ee7bc4b8492476b377a6edafcc33411f14b
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/00c0ee7bc4b8492476b377a6edafcc33411f14b
2
reference_url https://github.com/apache/hive/commit/1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb
3
reference_url https://github.com/apache/hive/commit/f0419dfaabe31dd7802c37aeebab101265907e1
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/f0419dfaabe31dd7802c37aeebab101265907e1
4
reference_url https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E
5
reference_url http://www.securityfocus.com/bid/105886
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105886
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11777
reference_id CVE-2018-11777
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11777
7
reference_url https://github.com/advisories/GHSA-rrfq-g5fq-fc9c
reference_id GHSA-rrfq-g5fq-fc9c
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rrfq-g5fq-fc9c
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.3.4
purl pkg:maven/org.apache.hive/hive@2.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rs3p-yb2z-3bfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.4
1
url pkg:maven/org.apache.hive/hive@3.1.1
purl pkg:maven/org.apache.hive/hive@3.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@3.1.1
aliases CVE-2018-11777, GHSA-rrfq-g5fq-fc9c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12xd-nb8g-23gc
1
url VCID-jq4c-tghp-s3c8
vulnerability_id VCID-jq4c-tghp-s3c8
summary 
Missing Authorization
The Hive `EXPLAIN` operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do `EXPLAIN` on arbitrary table or view and expose table metadata and statistics.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1314
reference_id
reference_type
scores
0
value 0.00374
scoring_system epss
scoring_elements 0.59365
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1314
1
reference_url https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/3da47dbcbf09697387f29d2f1aed970523b6b334d93afd3cced23727@%3Cdev.hive.apache.org%3E
2
reference_url http://www.securityfocus.com/bid/105884
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/105884
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1314
reference_id CVE-2018-1314
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1314
4
reference_url https://github.com/advisories/GHSA-jmf4-pq78-f8vj
reference_id GHSA-jmf4-pq78-f8vj
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jmf4-pq78-f8vj
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.3.4
purl pkg:maven/org.apache.hive/hive@2.3.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rs3p-yb2z-3bfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.4
1
url pkg:maven/org.apache.hive/hive@3.1.1
purl pkg:maven/org.apache.hive/hive@3.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@3.1.1
aliases CVE-2018-1314, GHSA-jmf4-pq78-f8vj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jq4c-tghp-s3c8
2
url VCID-kwsx-3cxw-8uaa
vulnerability_id VCID-kwsx-3cxw-8uaa
summary 
Incorrect Permission Assignment for Critical Resource
In Apache Hiveto, when `COPY FROM FTP` statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from. This is because FTP client code in HPL/SQL does not verify the destination location of the downloaded file. This does not affect hive cli user and hiveserver2 user as hplsql is a separate command line script and needs to be invoked differently.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1315
reference_id
reference_type
scores
0
value 0.01026
scoring_system epss
scoring_elements 0.77586
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1315
1
reference_url https://lists.apache.org/thread.html/d5da94ef60312c01a8d2348466680d1b5fb70702c71a3e84e94f7933@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d5da94ef60312c01a8d2348466680d1b5fb70702c71a3e84e94f7933@%3Cdev.hive.apache.org%3E
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1315
reference_id CVE-2018-1315
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1315
3
reference_url https://github.com/advisories/GHSA-p639-xxv5-j383
reference_id GHSA-p639-xxv5-j383
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p639-xxv5-j383
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.3.3
purl pkg:maven/org.apache.hive/hive@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12xd-nb8g-23gc
1
vulnerability VCID-jq4c-tghp-s3c8
2
vulnerability VCID-rs3p-yb2z-3bfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.3
aliases CVE-2018-1315, GHSA-p639-xxv5-j383
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kwsx-3cxw-8uaa
3
url VCID-rs3p-yb2z-3bfd
vulnerability_id VCID-rs3p-yb2z-3bfd
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1926
reference_id
reference_type
scores
0
value 0.00478
scoring_system epss
scoring_elements 0.65311
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1926
1
reference_url https://issues.apache.org/jira/browse/HIVE-22708
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HIVE-22708
2
reference_url https://lists.apache.org/thread.html/rd186eedff68102ba1e68059a808101c5aa587e11542c7dcd26e7b9d7%40%3Cuser.hive.apache.org%3E
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd186eedff68102ba1e68059a808101c5aa587e11542c7dcd26e7b9d7%40%3Cuser.hive.apache.org%3E
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1926
reference_id CVE-2020-1926
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1926
4
reference_url https://github.com/advisories/GHSA-54g4-5cf6-hjp3
reference_id GHSA-54g4-5cf6-hjp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-54g4-5cf6-hjp3
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.3.8
purl pkg:maven/org.apache.hive/hive@2.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.8
aliases CVE-2020-1926, GHSA-54g4-5cf6-hjp3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rs3p-yb2z-3bfd
4
url VCID-w6dq-9zaa-ykhb
vulnerability_id VCID-w6dq-9zaa-ykhb
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1284
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64841
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1284
1
reference_url https://github.com/apache/hive/commit/b0a58d245875dc1b3ac58a7cf1a61d3b17805e96
reference_id
reference_type
scores
url https://github.com/apache/hive/commit/b0a58d245875dc1b3ac58a7cf1a61d3b17805e96
2
reference_url https://github.com/apache/hive/commit/f80a38ae1174553022deae4f8774918401d9756d
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apache/hive/commit/f80a38ae1174553022deae4f8774918401d9756d
3
reference_url https://issues.apache.org/jira/browse/HIVE-18879
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/HIVE-18879
4
reference_url https://lists.apache.org/thread.html/29184dbce4a37be2af36e539ecb479b1d27868f73ccfdff46c7174b4@%3Cdev.hive.apache.org%3E
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/29184dbce4a37be2af36e539ecb479b1d27868f73ccfdff46c7174b4@%3Cdev.hive.apache.org%3E
5
reference_url http://www.securityfocus.com/bid/103750
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/103750
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1284
reference_id CVE-2018-1284
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1284
7
reference_url https://github.com/advisories/GHSA-rxmr-c9jm-7mm8
reference_id GHSA-rxmr-c9jm-7mm8
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rxmr-c9jm-7mm8
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.3.3
purl pkg:maven/org.apache.hive/hive@2.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12xd-nb8g-23gc
1
vulnerability VCID-jq4c-tghp-s3c8
2
vulnerability VCID-rs3p-yb2z-3bfd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.3
aliases CVE-2018-1284, GHSA-rxmr-c9jm-7mm8
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6dq-9zaa-ykhb
Fixing_vulnerabilities
0
url VCID-bhp4-12yw-bqdn
vulnerability_id VCID-bhp4-12yw-bqdn
summary 
Information Exposure
Apache Hive expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/hive-user/201710.mbox/%3C3791103E-80D5-4E75-AF23-6F8ED54DDEBE%40apache.org%3E
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/hive-user/201710.mbox/%3C3791103E-80D5-4E75-AF23-6F8ED54DDEBE%40apache.org%3E
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12625
reference_id
reference_type
scores
0
value 0.00468
scoring_system epss
scoring_elements 0.64785
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12625
2
reference_url http://www.securityfocus.com/bid/101686
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101686
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12625
reference_id CVE-2017-12625
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12625
4
reference_url https://github.com/advisories/GHSA-2g9q-chq2-w8qw
reference_id GHSA-2g9q-chq2-w8qw
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2g9q-chq2-w8qw
fixed_packages
0
url pkg:maven/org.apache.hive/hive@2.1.2
purl pkg:maven/org.apache.hive/hive@2.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.1.2
1
url pkg:maven/org.apache.hive/hive@2.2.1
purl pkg:maven/org.apache.hive/hive@2.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.2.1
2
url pkg:maven/org.apache.hive/hive@2.3.1
purl pkg:maven/org.apache.hive/hive@2.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12xd-nb8g-23gc
1
vulnerability VCID-jq4c-tghp-s3c8
2
vulnerability VCID-kwsx-3cxw-8uaa
3
vulnerability VCID-rs3p-yb2z-3bfd
4
vulnerability VCID-w6dq-9zaa-ykhb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.1
aliases CVE-2017-12625, GHSA-2g9q-chq2-w8qw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bhp4-12yw-bqdn
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.hive/hive@2.3.1