CVE-2025-50466 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount entityType sql injection

Inserito da Angelo Barbosa | Ago 8, 2025 | CVE

A vulnerability was found in OpenMetadata up to 1.4.4 and classified as critical. This issue affects the function listCount of the component TestDefinitionDAO Interface. The manipulation of the argument entityType leads to sql injection.

The identification of this vulnerability is CVE-2025-50466. The attack may be initiated remotely. There is no exploit available.

CVE-2025-50466 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount entityType sql injection

Post correlati

CVE-2024-0676 | Lamassu Bitcoin ATM Douro Machine 7.1 weak password

CVE-2024-52975 | Elastic Fleet Server up to 8.14.x information disclosure

CVE-2025-40631 | Icewarp Mail Server 11.4.0 HTTP Header Host http headers for scripting syntax

CVE-2024-34762 | WPENGINE Advanced Custom Fields Pro Plugin up to 6.2.9 on WordPress path traversal