← Back

Sentry

sentry

Vendor: Apache • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-8028
1Apache
1Sentry
Nov 21, 2024
Aug 23, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table...Show more
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.Show less
CVE-2016-0760
1Apache
1Sentry
May 6, 2026
Aug 19, 2016
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions.