CVE-2024-28847 | open-metadata OpenMetadata up to 1.2.3 validateExpression code injection

Posted by Angelo Barbosa | Mar 15, 2024 | CVE

A vulnerability classified as critical was found in open-metadata OpenMetadata up to 1.2.3. This vulnerability affects the function AlertUtil::validateExpression. The manipulation leads to code injection.

This vulnerability was named CVE-2024-28847. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28847 | open-metadata OpenMetadata up to 1.2.3 validateExpression code injection

Related Posts

CVE-2024-4801 | Kashipara College Management System 1.0 submit_new_faculty.php address sql injection

CVE-2024-6756 | Social Auto Poster Plugin up to 5.3.14 on WordPress unrestricted upload

CVE-2024-5154 | cri-o up to 1.28.6/1.29.4/1.30.0 /proc/mounts symlink

CVE-2024-32557 | Exclusive Addons Elementor Plugin up to 2.6.9.2 on WordPress cross site scripting