CVE-2024-23953 | Apache Hive 2.2.x/3.x LlapSignerImpl Arrays.equals integrity check

Posted by Angelo Barbosa | Jan 28, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Apache Hive 2.2.x/3.x. Affected is the function Arrays.equals of the component LlapSignerImpl. The manipulation leads to improper validation of integrity check value.

This vulnerability is traded as CVE-2024-23953. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23953 | Apache Hive 2.2.x/3.x LlapSignerImpl Arrays.equals integrity check

Related Posts

CVE-2024-5309 | Form Vibes Plugin up to 1.4.12 on WordPress authorization

CVE-2024-11125 | GetSimpleCMS 3.3.16 /admin/profile.php cross-site request forgery

CVE-2024-26220 | Microsoft unknown vulnerability

CVE-2024-46817 | Linux Kernel up to 6.10.8 AMD Display amdgpu_dm initialization