12 matches found
CVE-2021-25646
CVE-2021-25646 affects Apache Druid where an authenticated user can trigger execution of user-provided JavaScript in certain requests. The root cause is improper validation that enables the server to run code with the Druid server process privileges, potentially compromising the host. Affected ve...
CVE-2024-45384
The CVE-2024-45384 issue affects Apache Druid via the optional druid-pac4j extension, enabling a Padding Oracle vulnerability that could let an attacker manipulate a pac4j session cookie. Affected versions are 0.18.0 through 30.0.0; installations not using druid-pac4j are not affected. While expl...
CVE-2021-26919
CVE-2021-26919 affects Apache Druid, where allowing users with certain JDBC permissions to supply MySQL JDBC properties not on the allowed list could enable code execution in Druid server processes via a malicious MySQL server. Documented behavior: trusted users can set up lookups or ingestion ta...
CVE-2021-36749
Apache Druid CVE-2021-36749 describes an information-disclosure issue in the HTTP InputSource of the Druid ingestion system. The HTTP InputSource context permits authenticated users to read data from sources other than intended (for example, local files) with the privileges of the Druid serv...
CVE-2021-26920
The CVE-2021-26920 issue affects Apache Druid’s ingestion system: the HTTP InputSource can be used by authenticated users to read data from sources other than intended (e.g., local files) with the Druid server’s privileges. This is not a privilege elevation when accessed directly, since a Local I...
CVE-2022-28889
CVE-2022-28889 affects Apache Druid up to v0.22.1: the web console/server did not send headers to mitigate clickjacking. Druid v0.23.0 and later address this by implementing a Content-Security-Policy header. Base CVSSv3.1 score 4.3 (MEDIUM). The connected sources confirm impact is limited to miss...
CVE-2025-27888
Affected software and issue: Apache Druid with the management proxy enabled is vulnerable to SSRF, XSS, and Open Redirect via specially crafted URLs. Root cause / vulnerability details: When a request is proxied through the Druid management proxy, a crafted URL can redirect to an arbitrary server...
CVE-2021-44791
CVE-2021-44791 affects Apache Druid 0.22.1 and earlier. The vulnerability arises when certain specially crafted links cause unescaped URL parameters to be echoed back in HTML responses, enabling reflected XSS. The impact floor is limited to the types of data altered in the response and user inte...
CVE-2020-1958
Apache Druid 0.17.0 is affected by CVE-2020-1958, which allows an attacker using valid LDAP credentials to bypass the credentialsValidator.userSearch filter and proceed to authentication, while still being subjected to RBAC if configured. The issue also enables retrieval of LDAP attribute values ...
CVE-2024-45537
Apache Druid CVE-2024-45537 describes a vulnerability where an authenticated user can bypass authorization by sending a specially crafted MySQL JDBC connection string that includes properties not on the allow list, enabling access to read data from other databases via JDBC. The issue stems from i...
CVE-2026-23906
Summary (CVE-2026-23906): Apache Druid versions 0.17.0 through 35.x are affected when using the druid-basic-security extension with LDAP authentication and an LDAP server that allows anonymous bind. The vulnerability arises from improper validation of LDAP authentication responses, where anonymo...
CVE-2025-59390
Apache Druid’s Kerberos authenticator is affected. If the configuration druid.auth.authenticator.kerberos.cookieSignatureSecret is not set, a weak fallback secret is generated with ThreadLocalRandom, which is not cryptographically secure. This can allow an attacker to predict or brute-force the c...