Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-25802

Log4j2 Vulnerability in Hive Storage API

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 4.0.0
    • 4.0.0-alpha-2
    • storage-api
    • None

    Description

      Storage API also brings in log4j2 dependency <= 2.14.1 that can still expose a vulnerability in hive

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. HIVE-25839 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832

          • Major - Major loss of function.
          • Closed
          is part of

          Bug - A problem which impairs or prevents the functions of the product. HIVE-25795 [CVE-2021-44228] Update log4j2 version to 2.15.0

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              Unassigned Unassigned
              gupta.nikhil0007 Nikhil Gupta
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: