Known vulnerabilities in Apache Foundation Apache Druid 0.7.3

Vendor: Apache Foundation

Website: https://www.apache.org

Total Security Bulletins: 6

Security bulletins (6)

Secuity bulletin	Severity	Status	Published
SB2025112807: Authentication bypass in Apache Druid Kerberos authenticator	High	Patched	28.11.2025
SB2025032718: SSRF in Apache Druid	High	Patched	27.03.2025
SB2022070725: Reflected XSS in Apache Druid	Medium	Patched	07.07.2022
SB2021070509: Security restrictions bypass in Apache Druid	Low	Patched	05.07.2021
SB2021033019: Remote code execution in Apache Druid	Medium	Patched	30.03.2021
SB2021020112: Remote code execution in Apache Druid	Medium	Patched Public exploit	01.02.2021