druidpackaged by Chainguard
packaged by Chainguard
Last changed
Request a free trial
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Tag:
Severity:All
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2021-44521 | Critical | cassandra-all | 1.0.8 | ||
CVE-2024-47561 | Critical | avro | 1.7.7 | ||
CVE-2019-20444 | Critical | netty | 3.10.6.Final | ||
CVE-2024-47561 | Critical | avro | 1.7.7 | ||
CVE-2022-23305 | Critical | log4j | 1.2.17 | ||
CVE-2019-17571 | Critical | log4j | 1.2.17 | ||
CVE-2019-20444 | Critical | netty | 3.10.5.Final | ||
CVE-2022-23307 | Critical | log4j | 1.2.17 | ||
CVE-2021-22569 | High | protobuf-java | 3.7.1 | ||
CVE-2025-52999 | High | jackson-core | 2.13.2 | ||
CVE-2023-52428 | High | nimbus-jose-jwt | 9.8.1 | ||
CVE-2021-37137 | High | netty | 3.10.5.Final | ||
CVE-2025-52999 | High | jackson-core | 2.12.7 | ||
CVE-2021-31684 | High | json-smart | 1.3.2 | ||
CVE-2025-23015 | High | cassandra-all | 1.0.8 | ||
CVE-2021-22569 | High | protobuf-java | 3.7.1 | ||
CVE-2025-67030 | High | plexus-utils | 3.1.0 | ||
CVE-2025-48734 | High | commons-beanutils | 1.9.4 | ||
CVE-2023-39410 | High | avro | 1.7.7 | ||
CVE-2022-41404 | High | ini4j | 0.5.4 | ||
CVE-2024-7254 | High | protobuf-java | 3.7.1 | ||
CVE-2024-7254 | High | protobuf-java | 3.7.1 | ||
CVE-2023-1370 | High | json-smart | 1.3.2 | ||
CVE-2026-40458 | High | pac4j-core | 5.7.3 | ||
CVE-2023-43642 | High | snappy-java | 1.1.8.2 | ||
CVE-2026-35554 | High | kafka-clients | 3.9.1 | ||
CVE-2025-48734 | High | commons-beanutils | 1.9.4 | ||
CVE-2024-25638 | High | dnsjava | 2.1.7 | ||
CVE-2023-52428 | High | nimbus-jose-jwt | 9.8.1 | ||
CVE-2022-3510 | High | protobuf-java | 3.7.1 | ||
CVE-2022-3510 | High | protobuf-java | 3.7.1 | ||
CVE-2021-37137 | High | netty | 3.10.6.Final | ||
CVE-2021-31684 | High | json-smart | 1.3.2 | ||
CVE-2026-2332 | High | jetty-http | 9.4.43.v20210629 | ||
CVE-2026-2332 | High | jetty-http | 9.4.51.v20230217 | ||
CVE-2022-41404 | High | ini4j | 0.5.4 | ||
CVE-2024-25638 | High | dnsjava | 2.1.7 | ||
CVE-2024-25638 | High | dnsjava | 2.1.7 | ||
CVE-2024-47554 | High | commons-io | 2.8.0 | ||
CVE-2023-26464 | High | log4j | 1.2.17 | ||
CVE-2021-22569 | High | protobuf-java | 3.7.1 | ||
CVE-2024-7254 | High | protobuf-java | 3.7.1 | ||
CVE-2023-39410 | High | avro | 1.7.7 | ||
CVE-2026-5928 | High | glibc | 2.43-r6 | ||
CVE-2021-37136 | High | netty | 3.10.5.Final | ||
CVE-2022-3510 | High | protobuf-java | 3.7.1 | ||
CVE-2023-1370 | High | json-smart | 1.3.2 | ||
CVE-2021-4104 | High | log4j | 1.2.17 | ||
CVE-2022-23302 | High | log4j | 1.2.17 | ||
CVE-2026-2332 | High | jetty-http | 12.0.31 | ||
CVE-2020-13949 | High | libthrift | 0.9.3-1 | ||
CVE-2024-47554 | High | commons-io | 2.8.0 | ||
CVE-2021-37136 | High | netty | 3.10.6.Final | ||
CVE-2020-13949 | High | libthrift | 0.13.0 | ||
CVE-2025-52999 | High | jackson-core | 2.12.7 | ||
CVE-2019-0205 | High | libthrift | 0.9.3-1 | ||
CVE-2023-34455 | High | snappy-java | 1.1.8.2 | ||
CVE-2024-47554 | High | commons-io | 2.4 | ||
CVE-2024-47554 | High | commons-io | 2.8.0 | ||
CVE-2018-11798 | Medium | libthrift | 0.9.3-1 | ||
CVE-2025-48924 | Medium | commons-lang | 2.5 | ||
CVE-2018-10237 | Medium | guava | 14.0.1 | ||
CVE-2021-37533 | Medium | commons-net | 3.6 | ||
CVE-2026-0636 | Medium | bcprov-jdk18on | 1.79 | ||
CVE-2024-25710 | Medium | commons-compress | 1.21 | ||
CVE-2024-26308 | Medium | commons-compress | 1.21 | ||
CVE-2022-3171 | Medium | protobuf-java | 3.7.1 | ||
CVE-2020-13956 | Medium | httpclient | 4.5.2 | ||
CVE-2024-29131 | Medium | commons-configuration2 | 2.8.0 | ||
CVE-2025-48924 | Medium | commons-lang3 | 3.12.0 | ||
CVE-2026-5588 | Medium | bcpkix-jdk18on | 1.79 | ||
CVE-2023-34453 | Medium | snappy-java | 1.1.8.2 | ||
GHSA-72hv-8253-57qq | Medium | jackson-core | 2.12.7 | ||
GHSA-72hv-8253-57qq | Medium | jackson-core | 2.12.7 | ||
CVE-2025-49128 | Medium | jackson-core | 2.12.7 | ||
CVE-2019-20445 | Medium | netty | 3.10.5.Final | ||
CVE-2022-3171 | Medium | protobuf-java | 3.7.1 | ||
CVE-2022-3171 | Medium | protobuf-java | 3.7.1 | ||
GHSA-72hv-8253-57qq | Medium | jackson-core | 2.18.1 | ||
CVE-2023-34454 | Medium | snappy-java | 1.1.8.2 | ||
CVE-2024-29133 | Medium | commons-configuration2 | 2.8.0 | ||
CVE-2025-48924 | Medium | commons-lang3 | 3.12.0 | ||
CVE-2023-40167 | Medium | jetty-http | 9.4.43.v20210629 | ||
CVE-2025-53864 | Medium | nimbus-jose-jwt | 9.8.1 | ||
CVE-2025-49128 | Medium | jackson-core | 2.12.7 | ||
CVE-2024-25710 | Medium | commons-compress | 1.21 | ||
CVE-2024-26308 | Medium | commons-compress | 1.21 | ||
CVE-2025-53864 | Medium | nimbus-jose-jwt | 9.8.1 | ||
GHSA-72hv-8253-57qq | Medium | jackson-core | 2.13.2 | ||
CVE-2019-20445 | Medium | netty | 3.10.6.Final | ||
CVE-2025-48924 | Medium | commons-lang | 2.6 | ||
CVE-2026-40490 | Medium | async-http-client | 3.0.2 | ||
CVE-2024-6763 | Medium | jetty-http | 9.4.43.v20210629 | ||
CVE-2024-29133 | Medium | commons-configuration2 | 2.1.1 | ||
CVE-2024-6763 | Medium | jetty-http | 9.4.51.v20230217 | ||
CVE-2021-29425 | Medium | commons-io | 2.4 | ||
CVE-2024-29131 | Medium | commons-configuration2 | 2.1.1 | ||
CVE-2026-34479 | Medium | log4j-1.2-api | 2.25.3 | ||
CVE-2022-2047 | Low | jetty-http | 9.4.43.v20210629 | ||
CVE-2020-8908 | Low | guava | 30.1.1-jre | ||
CVE-2024-23454 | Low | hadoop-common | 3.3.6 | ||
CVE-2020-8908 | Low | guava | 30.1.1-jre | ||
CVE-2025-11143 | Low | jetty-http | 9.4.51.v20230217 | ||
CVE-2020-8908 | Low | guava | 30.1.1-jre | ||
CVE-2020-8908 | Low | guava | 14.0.1 | ||
GHSA-58qw-p7qm-5rvh | Low | jetty-xml | 9.4.43.v20210629 | ||
CVE-2025-11143 | Low | jetty-http | 9.4.43.v20210629 | ||
CVE-2024-23454 | Low | hadoop-common | 3.3.6 |
Last updated:
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.