3 matches found
CVE-2023-25560
DataHub is an open-source metadata platform. The AuthServiceClient which is responsible for creation of new accounts, verifying credentials, resetting them or requesting access tokens, crafts multiple JSON strings using format strings with user-controlled data. This means that an attacker may be...
CVE-2023-25560
Summary of CVE-2023-25560 (DataHub) : The vulnerability affects DataHub’s AuthServiceClient, responsible for account creation, credential verification, reset, and token requests. It arises from crafting multiple JSON strings with user-controlled data via format strings, enabling an attacker to au...
PT-2023-20158
Name of the Vulnerable Software and Affected Versions DataHub affected versions not specified Description The issue concerns the AuthServiceClient in DataHub, which is responsible for managing accounts and authentication. It crafts JSON strings using format strings with user-controlled data,...