Metabase 0.40.x < 0.40.8 / 0.41.x < 0.41.7 / 0.42.x < 0.42.4 / 1.40.x < 1.40.8 / 1.41.x < 1.41.7 / 1.42.x < 1.42.4

The version of Metabase installed on the remote host is prior to 1.42.4. It is, therefore, affected by multiple vulnerabilities. - Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a...

Metabase 信息泄露漏洞

Metabase is an open source data analytics platform from US-based Metabase, Inc. Metabase suffers from an information disclosure vulnerability that stems from having a proxy that is used to load JSON-mapped arbitrary URLs as part of our GeoJSON support. While we perform validation to not return th...