VYPR

Maven package

org.apache.druid/druid-core

pkg:maven/org.apache.druid/druid-core

Vulnerabilities (2)

  • CVE-2021-36749Sep 24, 2021
    affected < 0.22.0fixed 0.22.0

    In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server proce

  • CVE-2021-26920Jul 2, 2021
    affected < 0.21.0fixed 0.21.0

    In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server proce