351 matches found
GHSA-8P4X-WR7X-3788 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
CVE-2026-45017 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
CVE-2026-44501
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECTURL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization o...
EUVD-2026-30321
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECTURL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization o...
CVE-2026-44501
DataHub frontend (datahub-frontend-react) prior to 1.5.0.3 deserializes attacker-controlled Java objects from the REDIRECT_URL cookie during the OIDC callback (GET /callback/oidc) with no integrity protection. This CWE-502 Deserialization of Untrusted Data vulnerability requires a valid user acco...
CVE-2026-44501
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECTURL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization o...
CVE-2026-44501 DataHub OIDC REDIRECT_URL Cookie Deserialization Vulnerability
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECTURL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization o...
CVE-2026-44501 DataHub OIDC REDIRECT_URL Cookie Deserialization Vulnerability
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECTURL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization o...
PT-2026-40949
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend datahub-frontend-react deserializes attacker-controlled Java objects from the REDIRECT URL HTTP cookie during the OIDC callback flow, with no integrity protection no HMAC, no encryption. This is a Deserialization ...
GHSA-MQCG-5X36-VFCG vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips...
GHSA-7545-FCXQ-7J24 vulnerabilities
Vulnerabilities for packages: awx, datahub-ingestion-fips...
CVE-2026-42557 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips...
CVE-2026-44243 vulnerabilities
Vulnerabilities for packages: awx, datahub-ingestion-fips...
GHSA-QH7Q-6QM3-653W vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
CVE-2026-40934 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
CVE-2026-35397 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
CVE-2025-61669 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
GHSA-5MRQ-X3X5-8V8F vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
GHSA-37W4-HWHX-4RC4 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...
GHSA-5789-5FC7-67V3 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips, datahub-ingestion...