Vulnerabilities > Apache > Hive > 2.3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-16 | CVE-2020-1926 | Information Exposure Through Discrepancy vulnerability in Apache Hive Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. | 4.3 |
| 2021-02-12 | CVE-2020-13949 | Resource Exhaustion vulnerability in multiple products In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. | 7.5 |