CVE-2017-12625: Information Exposure

November 1, 2017 (updated November 21, 2017)

Apache Hive expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns.

References

mail-archives.apache.org/mod_mbox/hive-user/201710.mbox/%3C3791103E-80D5-4E75-AF23-6F8ED54DDEBE%40apache.org%3E
www.securityfocus.com/bid/101686
nvd.nist.gov/vuln/detail/CVE-2017-12625

Code Behaviors & Features

Detect and mitigate CVE-2017-12625 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →