CVE-2025-50467 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount supportedDataTypeParam sql injection

Inserito da Angelo Barbosa | Ago 8, 2025 | CVE

A vulnerability was found in OpenMetadata up to 1.4.4. It has been classified as critical. Affected is the function listCount of the component TestDefinitionDAO Interface. The manipulation of the argument supportedDataTypeParam leads to sql injection.

This vulnerability is traded as CVE-2025-50467. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-50467 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount supportedDataTypeParam sql injection

Post correlati

CVE-2024-11420 | Blocksy Plugin up to 2.0.77 on WordPress cross site scripting

CVE-2024-33700 | LevelOne WBR-6012 R0.40e6 FTP denial of service (TALOS-2024-1998)

CVE-2024-39846 | NewPass up to 1.1.x missing encryption

CVE-2024-28753 | RaspAP up to 3.0.9 Request information disclosure