Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.8 views

CVE-2024-45384

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. This could allow an attacker to manipulate a pac4j session cookie. This issue affects Apache Druid versions 0.18.0 through 30.0.0. Since the druid-pac4j extension is optional and disabled by default, Druid installations not usin...

5.3CVSS5AI score0.00821EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 1:29 p.m.10 views

Security Bulletin:Vulnerability in Apache Druid affects watsonx.data

Summary Apache Druid could allow a remote attacker to bypass security restrictions. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-45384 DESCRIPTION: Apache Druid could allow a remote attacker to bypass security restrictions, caused by a flaw in the druid-pac4j extension. B...

6.5CVSS6.3AI score0.00821EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2024/09/17 7:15 p.m.10 views

CVE-2024-45384 vulnerabilities

Vulnerabilities for packages: druid...

5.3CVSS6.9AI score0.00821EPSS
Exploits0
Wolfi
Wolfi
added 2024/09/17 7:15 p.m.15 views

CVE-2024-45384 vulnerabilities

Vulnerabilities for packages: druid...

5.3CVSS7.2AI score0.00821EPSS
Exploits0
Cvelist
Cvelist
added 2024/09/17 6:36 p.m.44 views

CVE-2024-45384 Apache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. This could allow an attacker to manipulate a pac4j session cookie. This issue affects Apache Druid versions 0.18.0 through 30.0.0. Since the druid-pac4j extension is optional and disabled by default, Druid installations not usin...

0.00821EPSS
Exploits0References1
OSV
OSV
added 2024/09/17 6:36 p.m.14 views

CVE-2024-45384 Apache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. This could allow an attacker to manipulate a pac4j session cookie. This issue affects Apache Druid versions 0.18.0 through 30.0.0. Since the druid-pac4j extension is optional and disabled by default, Druid installations not usin...

5.3CVSS6AI score0.00821EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/09/17 6:36 p.m.22 views

CVE-2024-45384 Apache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. This could allow an attacker to manipulate a pac4j session cookie. This issue affects Apache Druid versions 0.18.0 through 30.0.0. Since the druid-pac4j extension is optional and disabled by default, Druid installations not usin...

6.6AI score0.00821EPSS
Exploits0References1
Rows per page
Query Builder