Vulnerability in Apache Software Foundation Druid
CVE-2021-25646
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and e…
EPSS: 0.939 (99.9th percentile)
Affected products
- Apache Software Foundation Druid — versions 0.20.0 and earlier
References
- lists.apache.org/thread.html/rfda8a3aa6ac06a80c5cbfdeae0fc85f88a5984e32ea05e6dd… (x_refsource_MISC)
- [oss-security] 20210129 CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. (mailing-list, x_refsource_MLIST)
- [druid-dev] 20210129 Re: [druid-user] Re: CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. (mailing-list, x_refsource_MLIST)
- [druid-dev] 20210129 Re: CVE-2021-25646: Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. (mailing-list, x_refsource_MLIST)
- [announce] 20210129 Subject: [CVE-2021-25646] Apache Druid remote code execution vulnerability (mailing-list, x_refsource_MLIST)
- [druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10818: Fix CVE-2021-25646 (mailing-list, x_refsource_MLIST)
- [druid-commits] 20210204 [GitHub] [druid] jihoonson commented on pull request #10818: Fix CVE-2021-25646 (mailing-list, x_refsource_MLIST)
- [druid-commits] 20210204 [GitHub] [druid] jihoonson opened a new pull request #10854: [Backport] Fix CVE-2021-25646 (mailing-list, x_refsource_MLIST)
- [druid-commits] 20210204 [druid] branch 0.21.0 updated: Fix CVE-2021-25646 (#10818) (#10854) (mailing-list, x_refsource_MLIST)
- [druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10854: [Backport] Fix CVE-2021-25646 (mailing-list, x_refsource_MLIST)
Frequently asked questions
- What is CVE-2021-25646?
- CVE-2021-25646 is a vulnerability in Apache Software Foundation Druid. Published 2021-01-29.
- Is CVE-2021-25646 known to be exploited?
- 104 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.