exploitDog

GHSA-jw6q-gq77-j944

Опубликовано: 08 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.

Ссылки

EPSS

Процентиль: 8%

0.00028

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-50465

CVSS3: 7.1

nvd

6 месяцев назад

OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.

EPSS

Процентиль: 8%

0.00028

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-89