7 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-28889 – Clickjacking in the web console

https://notcve.org/view.php?id=CVE-2022-28889

In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header. En Apache Druid versiones 0.22.1 y anteriores, el servidor no establecía los encabezados apropiados para evitar el clickjacking. Druid versiones 0.23.0 y posteriores evitan el clickjacking mediante el encabezado Content-Security-Policy • https://lists.apache.org/thread/t3nsq4crdr8wqgmj721d2wg6pf26s5cw • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-44791 – Reflected XSS on certain HTTP endpoints

https://notcve.org/view.php?id=CVE-2021-44791

In Apache Druid 0.22.1 and earlier, certain specially-crafted links result in unescaped URL parameters being sent back in HTML responses. This makes it possible to execute reflected XSS attacks. En Apache Druid versiones 0.22.1 y anteriores, algunos enlaces especialmente diseñados resultan en el envío de parámetros de URL sin esconder en las respuestas HTML. Esto hace posible una ejecución de ataques de tipo XSS reflejados • https://lists.apache.org/thread/lh2kcl4j45q7xj4w6rqf6kwf0mvyp2o6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 76%CPEs: 1EXPL: 3

CVE-2021-36749 – Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (incomplete fix of CVE-2021-26920)

https://notcve.org/view.php?id=CVE-2021-36749

In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. • https://github.com/BrucessKING/CVE-2021-36749 https://github.com/dorkerdevil/CVE-2021-36749 https://github.com/Jun-5heng/CVE-2021-36749 https://lists.apache.org/thread.html/r304dfe56a5dfe1b2d9166b24d2c74ad1c6730338b20aef77a00ed2be%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d%40%3Cdev.druid.apache.org%3E • CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-26920 – Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended

https://notcve.org/view.php?id=CVE-2021-26920

In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. • http://www.openwall.com/lists/oss-security/2021/07/02/1 http://www.openwall.com/lists/oss-security/2021/09/24/1 https://lists.apache.org/thread.html/r29e45561343cc5cf7d3290ee0b0e94e565faab19c20d022df9b5e29c%40%3Cdev.druid.apache.org%3E https://lists.apache.org/thread.html/r304dfe56a5dfe1b2d9166b24d2c74ad1c6730338b20aef77a00ed2be%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r61aab724cf97d80da7f02d50e9af6de5c7c40dd92dab7518746fbaa2%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2021-26919 – Apache Druid Authenticated users can execute arbitrary code from malicious MySQL database systems.

https://notcve.org/view.php?id=CVE-2021-26919

Apache Druid allows users to read data from other database systems using JDBC. This functionality is to allow trusted users with the proper permissions to set up lookups or submit ingestion tasks. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Druid server processes. This issue was addressed in Apache Druid 0.20.2 Apache Druid, permite a usuarios leer datos de otros sistemas de bases de datos usando JDBC. Esta funcionalidad permite a usuarios confiables con los permisos apropiados configurar búsquedas o enviar tareas de ingestión. • https://lists.apache.org/thread.html/r443e2916c612fbd119839c0fc0729327d6031913a75081adac5b43ad%40%3Cdev.druid.apache.org%3E https://lists.apache.org/thread.html/r470f8c92eb5df45f41b3ae609b6315b6c5ff51b3ceb2f09f00ca620f%40%3Cdev.druid.apache.org%3E https://lists.apache.org/thread.html/r6bc68264170046448f823d12c17fd1fd875251d97d60869f58709872%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r7a531ec123570cb7875ff991cf115f99e9ef99a48b3cf3fa4f9d9864%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/ra85fa7d31f9bec1148ffd2e4030934927caa8bff89bca9f61f75e697%40 •