You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "Vihang Karajgaonkar (JIRA)" <ji...@apache.org> on 2017/02/24 19:25:44 UTC

[jira] [Assigned] (HIVE-16035) Investigate potential SQL injection vulnerability in Hive

     [ https://issues.apache.org/jira/browse/HIVE-16035?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vihang Karajgaonkar reassigned HIVE-16035:
------------------------------------------


> Investigate potential SQL injection vulnerability in Hive
> ---------------------------------------------------------
>
>                 Key: HIVE-16035
>                 URL: https://issues.apache.org/jira/browse/HIVE-16035
>             Project: Hive
>          Issue Type: Bug
>          Components: Hive
>            Reporter: Vihang Karajgaonkar
>            Assignee: Vihang Karajgaonkar
>
> Some of the queries in ObjectStore and MetastoreDirectSql classes append Strings variables directly to the query text. This JIRA is to investigate the possible vulnerabilities and fix them using parameterized queries.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)