Openmetadata
Monthly
OpenMetadata versions prior to 1.11.8 expose JWT tokens for the privileged ingestion-bot account through the /api/v1/ingestionPipelines API endpoint, allowing any read-only user to escalate privileges and impersonate a highly privileged service account. With public exploit code available and no patch currently deployed on most instances, attackers can perform destructive actions within OpenMetadata and access sensitive metadata that should be restricted by role-based policies. This vulnerability affects OpenMetadata deployments and related systems like PostgreSQL that depend on its authentication tokens.
Remote code execution in OpenMetadata versions before 1.11.4 through Server-Side Template Injection in FreeMarker email templates allows authenticated administrators to execute arbitrary code on the affected system. Public exploit code exists for this vulnerability, and attackers with admin-level access can leverage unsafe template processing to compromise the metadata platform. A patch is available in version 1.11.4 and should be applied immediately.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
OpenMetadata versions prior to 1.11.8 expose JWT tokens for the privileged ingestion-bot account through the /api/v1/ingestionPipelines API endpoint, allowing any read-only user to escalate privileges and impersonate a highly privileged service account. With public exploit code available and no patch currently deployed on most instances, attackers can perform destructive actions within OpenMetadata and access sensitive metadata that should be restricted by role-based policies. This vulnerability affects OpenMetadata deployments and related systems like PostgreSQL that depend on its authentication tokens.
Remote code execution in OpenMetadata versions before 1.11.4 through Server-Side Template Injection in FreeMarker email templates allows authenticated administrators to execute arbitrary code on the affected system. Public exploit code exists for this vulnerability, and attackers with admin-level access can leverage unsafe template processing to compromise the metadata platform. A patch is available in version 1.11.4 and should be applied immediately.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.