CVE-2024-28847 | open-metadata OpenMetadata up to 1.2.3 validateExpression code injection

Posted by Angelo Barbosa | Mar 15, 2024 | CVE

A vulnerability classified as critical was found in open-metadata OpenMetadata up to 1.2.3. This vulnerability affects the function AlertUtil::validateExpression. The manipulation leads to code injection.

This vulnerability was named CVE-2024-28847. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28847 | open-metadata OpenMetadata up to 1.2.3 validateExpression code injection

Related Posts

CVE-2023-52801 | Linux Kernel up to 6.5.12/6.6.2 iommufd iopt_area_split use after free (836db2e7e456/fcb32111f01d/e7250ab7ca49)

CVE-2024-34931 | Campcodes Complete Web-Based School Management System 1.0 update_subject.php name sql injection

CVE-2024-9328 | SourceCodester Advocate Office Management System 1.0 /control/edit_client.php id sql injection

CVE-2024-7900 | xiaohe4966 TpMeCMS 1.3.3.2 Basic Configuration config cross site scripting