Vulnerabilidades en datahub-project
13 resultadosCVE-2023-25558HIGHDeserialization of untrusted data in DataHubEPSS 1.0%CVE-2022-39366CRITICALDataHub missing JWT signature checkEPSS 0.9%CVE-2023-25557HIGHServer-Side Request Forgery in DataHubEPSS 0.7%CVE-2024-22409HIGHDefault Privileges allow for high level operations for low privileged users in datahubEPSS 0.7%CVE-2023-25560HIGHJSON Injection in DataHubEPSS 0.6%CVE-2023-25559HIGHSystem account impersonation in DataHubEPSS 0.5%CVE-2023-47629HIGHPrivilege escalation through email sign-up in datahubEPSS 0.5%CVE-2023-25561MEDIUMLogin fail open on JAAS misconfiguration in DataHubEPSS 0.4%CVE-2023-47628MEDIUMSession Expiration Misconfiguration in datahubEPSS 0.4%CVE-2023-25562MEDIUMFailure to Invalidate Session on Logout in DataHubEPSS 0.4%CVE-2023-47640MEDIUMInsecure Use of HMAC-SHA1 For Session Signing in datahubEPSS 0.4%CVE-2026-25644HIGHDataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgradeEPSS 0.3%CVE-2026-44501MEDIUMDataHub OIDC REDIRECT_URL Cookie Deserialization VulnerabilityEPSS 0.1%