Lucene search
Veracode Vulnerability DatabaseVERACODE:32248HistorySep 27, 2021 - 4:04 a.m.
Information Disclosure
2021-09-2704:04:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
druid-core
vulnerability
unauthorized access
data access
http inputsource
EPSS
0.765
Percentile
98.2%
druid-core is vulnerable to information disclosure. An attacker is able to bypass the application-level restriction and read data from other sources than intended by passing a file URL to the HTTP InputSource.
References
Related
checkpoint_advisories
checkpoint_advisories
Apache Druid Information Disclosure (CVE-2021-36749)
2022-02-02 00:00:00
cnvd
cnvd
Apache Druid LoadData has an arbitrary file reading vulnerability
2021-11-19 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Resource to Wrong Sphere in Apache Druid
2021-11-21 03:23:00
Exploit for Incorrect Authorization in Apache Druid
2021-10-14 03:47:02
Exploit for Incorrect Authorization in Apache Druid
2021-10-14 17:30:55
nessus
nessus
Apache Druid < 0.22.0 Incorrect Authorization
2023-09-20 00:00:00
prion
prion
Privilege escalation
2021-09-24 10:15:00
nuclei
nuclei
Apache Druid - Local File Inclusion
2021-10-25 12:00:48
redhatcve
redhatcve
CVE-2021-36749
2021-09-24 17:31:48
osv
osv
CVE-2021-36749
2021-09-24 10:15:07
github
github
cve
cve
CVE-2021-36749
2021-09-24 10:15:07
nvd
nvd
CVE-2021-36749
2021-09-24 10:15:07
