In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.

Affected Packages

Maven org.apache.ranger:ranger

Affected versions: 0 (fixed in 0.7.1)

Related CVEs

CVE-2017-7677

Key Information

GHSA ID

GHSA-ffjh-fjgg-mfpq

Published

October 17, 2018 5:22 PM

Last Modified

September 10, 2021 6:07 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.apache.ranger:ranger

GitHub Reviewed

✓ Yes

Dataset

Last updated: September 11, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.