CVE List

CVE-2024-55238

OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.

Published April 17, 2025.

Affected software

Get alerts for Open-metadata Openmetadata

Reference links