[jira] [Created] (HIVE-26791) Applicability of CVE-2022-3171 on Hive exec

Jeevi Reddy Gudibandi (Jira) Tue, 29 Nov 2022 21:53:11 -0800

Jeevi Reddy Gudibandi created HIVE-26791:
--------------------------------------------


             Summary: Applicability of CVE-2022-3171  on Hive exec 
                 Key: HIVE-26791
                 URL: https://issues.apache.org/jira/browse/HIVE-26791
             Project: Hive
          Issue Type: Bug
          Components: Hive
            Reporter: Jeevi Reddy Gudibandi


Applicability of CVE-2022-3171  on Hive Exec 

We are currently using hive-exec.jar - 
[https://mvnrepository.com/artifact/org.apache.hive/hive-exec/2.3.7]

 This jar contains, [ com.google|http://com.google/].protobuf v2.5.0 which has 
the vulnerability 'CVE 
2022-3171'([https://nvd.nist.gov/vuln/detail/CVE-2022-3171])

Could you please let us know if this vulnerability is a false positive or 
affects the hive-exec jar v2.3.7 in any way? 

In case this vulnerability is applicable, can we have the fix ASAP

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (HIVE-26791) Applicability of CVE-2022-3171 on Hive exec

Reply via email to