CVE-2018-1282: hive: Improper input validation in jdbc/HivePreparedStatement.java allows for SQL injection

Severity: Critical

CVSS Score: 9.1

This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.