Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Open-metadata Subscribe
Filtered by product Openmetadata
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-55238 1 Open-metadata 1 Openmetadata 2025-04-24 N/A 7.1 HIGH
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.