Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Information Disclosure

🗓️ 05 Jul 2021 03:36:08Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 20 Views

druid-core vulnerable to information disclosure via HTTP InputSourc

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Tenable Nessus		Apache Druid < 0.21.0 Privilege Escalation
20 Sep 202300:00
nessus
Circl		CVE-2021-26920
2 Jul 202112:31
circl
CNNVD		Apache Druid权限许可和访问控制问题漏洞
2 Jul 202100:00
cnnvd
CNVD		Apache Druid Privilege Permission and Access Control Issues Vulnerability
6 Jul 202100:00
cnvd
CVE		CVE-2021-26920
2 Jul 202107:20
cve
Cvelist		CVE-2021-26920 Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended
2 Jul 202107:20
cvelist
EUVD		EUVD-2021-1614
7 Oct 202500:30
euvd
Github Security Blog		Druid ingestion system Authenticated users can read data from other sources than intended
13 Aug 202115:21
github
NVD		CVE-2021-26920
2 Jul 202108:15
nvd
OSV		GHSA-793H-6F7R-6QVM Druid ingestion system Authenticated users can read data from other sources than intended
13 Aug 202115:21
osv
Rows per page
Vulners
Node
apachedruid-coreRange0.17.00.20.2java
SourceLink
githubwww.github.com/apache/druid/commit/6b14bdb3a53d6aec45e485e6849956a69720ba3f
listswww.lists.apache.org/thread.html/r29e45561343cc5cf7d3290ee0b0e94e565faab19c20d022df9b5e29c%40%3Cdev.druid.apache.org%3E
listswww.lists.apache.org/thread.html/r61aab724cf97d80da7f02d50e9af6de5c7c40dd92dab7518746fbaa2@%3Cannounce.apache.org%3E
listswww.lists.apache.org/thread.html/r61aab724cf97d80da7f02d50e9af6de5c7c40dd92dab7518746fbaa2%40%3Cannounce.apache.org%3E
listswww.lists.apache.org/thread.html/r304dfe56a5dfe1b2d9166b24d2c74ad1c6730338b20aef77a00ed2be%40%3Cannounce.apache.org%3E
listswww.lists.apache.org/thread.html/r304dfe56a5dfe1b2d9166b24d2c74ad1c6730338b20aef77a00ed2be@%3Cannounce.apache.org%3E
listswww.lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d@%3Cdev.druid.apache.org%3E
listswww.lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d%40%3Cdev.druid.apache.org%3E
openwallwww.openwall.com/lists/oss-security/2021/07/02/1
openwallwww.openwall.com/lists/oss-security/2021/09/24/1
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Nov 2023 22:48Current
0.7Low risk
Vulners AI Score0.7
CVSS 24
CVSS 3.16.5
EPSS0.03154
druid-coreinformation disclosurehttp inputsource
20