CVE-2024-23945 | Apache Hive up to 3.x Signed Cookie information exposure

Posted by Angelo Barbosa | Dec 23, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Apache Hive up to 3.x. This affects an unknown part of the component Signed Cookie Handler. The manipulation leads to information exposure through error message.

This vulnerability is uniquely identified as CVE-2024-23945. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23945 | Apache Hive up to 3.x Signed Cookie information exposure

Related Posts

CVE-2024-46712 | Linux Kernel up to 6.10.7/6.11-rc1 vmwgfx buffer overflow (c45558414b8f/e9fd436bb8fb)

CVE-2024-12902 | Global Wisdom Software ANCHOR up to 2.5.9.4/2.7.2.3 default credentials

CVE-2023-51745 | Siemens JT2Go/Teamcenter Visualization CGM File stack-based overflow (ssa-794653)

CVE-2024-39132 | DumpTS 0.1.0-nightly /src/DumpTS.cpp VerifyCommandLine null pointer dereference