12 matches found
CVE-2024-28848
CVE-2024-28848 is a SpEL injection vulnerability in OpenMetadata's GET /api/v1/policies/validation/condition/. The CompiledRule.validateExpression flow evaluates user-supplied SpEL against Java types (e.g., Runtime), enabling remote code execution. The issue is exploitable by authenticated non-ad...
CVE-2024-28254
OpenMetadata CVE-2024-28254 is a SpEL injection at GET /api/v1/events/subscriptions/validation/condition/, allowed by AlertUtil::validateExpression, which can reach java.lang.Runtime via StandardEvaluationContext to perform arbitrary commands (RCE). Authentication bypass concerns exist via CVE-20...
CVE-2024-28255
OpenMetadata contains a flaw in the JwtFilter authentication check: the code may treat certain requests as excluded endpoints due to path parameters, allowing requests to bypass JWT validation and reach protected endpoints. The issue enables authentication bypass and, in combination with SpEL inj...
CVE-2024-28253
OpenMetadata (policy handling) is affected by a SpEL injection in PUT /api/v1/policies. The vulnerability arises because SpEL expressions are evaluated in PolicyRepository.prepare() before authorization checks, allowing an attacker to craft a policy payload that executes arbitrary code via a runt...
CVE-2024-28847
OpenMetadata contains a SpEL (Spring Expression Language) injection in PUT /api/v1/events/subscriptions. The vulnerability stems from AlertUtil.validateExpression invoked by EventSubscriptionRepository.prepare(), called during EntityRepository.prepareInternal() as part of createOrUpdate flow, all...
CVE-2024-55238
OpenMetadata
CVE-2025-50465
OpenMetadata
CVE-2025-50466
OpenMetadata (OpenMetadata service)
CVE-2025-50467
OpenMetadata
CVE-2025-50468
CVE-2025-50468 affects OpenMetadata
CVE-2026-26010
OpenMetadata CVE-2026-26010 describes a leakage of JWTs through calls to /api/v1/ingestionPipelines from the UI, prior to version 1.11.8. Read-only users could obtain tokens used by the ingestion-bot for services such as Glue, Redshift, and Postgres, enabling access to a highly privileged Ingesti...
CVE-2026-22244
OpenMetadata is affected by CVE-2026-22244 due to Server-Side Template Injection (SSTI) in FreeMarker email templates. Affected versions: prior to 1.11.4; exploitation requires administrative privileges and can lead to remote code execution. OpenMetadata 1.11.4 contains a patch. References and Re...