Vulnerabilidades en open-metadata
8 resultadosCVE-2024-28255CRITICALAuthentication Bypass in OpenMetadataEPSS 73.3%CVE-2024-28254HIGHSpEL Injection in `GET /api/v1/events/subscriptions/validation/condition/<expr>` in OpenMetadataEPSS 45.7%CVE-2024-28253CRITICALSpEL Injection in `PUT /api/v1/policies` in OpenMetadataEPSS 12.5%CVE-2024-28848HIGHSpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` in OpenMetadataEPSS 7.9%CVE-2024-28847HIGHSpEL Injection in `PUT /api/v1/events/subscriptions` in OpenMetadataEPSS 2.4%CVE-2026-22244HIGHOpenMetadata Server-Side Template Injection (SSTI) in FreeMarker email templates that leads to RCEEPSS 0.8%CVE-2026-26010HIGHLeaky JWTs in OpenMetadata exposing highly-privileged bot usersEPSS 0.3%CVE-2026-46481HIGHOpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular usersEPSS 0.2%