pkg:Maven/org.open-metadata:openmetadata-service

5 total CVEsCRITICAL1HIGH4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.4CVE-2024-28253OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`)
    from 0, < 1.3.1
  • HIGH8.8CVE-2024-28848OpenMetadata vulnerable to a SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` (`GHSL-2023-236`)
    from 0, < 1.2.4
  • HIGH8.8CVE-2024-28847OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`)
    from 0, < 1.2.4
  • HIGH8.3CVE-2026-46481OpenMetadata: TEST_CONNECTION workflow leaks ingestion-bot JWT and database password to regular users
    from 0, < 1.12.4
  • HIGH7.1CVE-2024-55238OpenMetadata SQL Injection
    from 0, <= 1.4.1