10 matches found
EUVD-2021-1614
Malware in sbrugna...
GHSA-9P5G-VG43-MJ5R Druid ingestion system Authenticated users can read data from other sources than intended
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
Druid ingestion system Authenticated users can read data from other sources than intended
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
CVE-2021-36749
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
CVE-2021-36749
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
Privilege escalation
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
GHSA-793H-6F7R-6QVM Druid ingestion system Authenticated users can read data from other sources than intended
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
Druid ingestion system Authenticated users can read data from other sources than intended
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
CVE-2021-26920
In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not a...
CVE-2021-26920
The CVE-2021-26920 issue affects Apache Druid’s ingestion system: the HTTP InputSource can be used by authenticated users to read data from sources other than intended (e.g., local files) with the Druid server’s privileges. This is not a privilege elevation when accessed directly, since a Local I...