Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:45 a.m.19 views

CVE-2024-28251

Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of quer...

7.3CVSS5.5AI score0.00239EPSS
Exploits0References1
Prion
Prion
added 2024/03/14 10:54 p.m.41 views

CVE-2024-28251

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

5.1CVSS7.3AI score0.00239EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/03/13 11:21 p.m.15 views

CVE-2024-28251 Cross-site websocket hijacking in Querybook

Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of quer...

5.6CVSS7AI score0.00239EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/13 11:21 p.m.44 views

CVE-2024-28251 Cross-site websocket hijacking in Querybook

Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of quer...

5.6CVSS5.7AI score0.00239EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 11:21 p.m.79 views

CVE-2024-28251

Querybook (Big Data Querying UI) exposes a cross-site websocket hijacking risk due to permissive CORS on its WebSocket Server. The issue affects datadocs functionality where the client communicates with a WebSocket Server to update/read/delete cells and monitor query execution, enabling an attack...

7.3CVSS5.4AI score0.00239EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder