javadk/CVE-2025-50465.txt

## CVE-2025-50465.txt
Description
Summary
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the
TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.

Cve id:
CVE-2025-50465

Details:
The open-metadata project exposes the function listCount in TestDefinitionDAO interface at the API URL api/v1/dataQuality/testDefinitions. The testPlatform parameter is directly used to build a SQL query in line 3515,3517.

### CVSS:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Vulnerability Type:
SQL Injection

Vendor of Product:
open-metadata

Affected Product Code Base:
open-metadata 1.4.4 - =<1.4.4

Attack Type:
Remote

Impact Escalation of Privileges:
true

Impact Information Disclosure:
true

Attack Vectors:
 ### Summary
 A SQL injection vulnerability exists in open-metadata 1.4.4 where an authenticated, low-privileged remote attacker could extract information from the
database.

### Details:
The open-metadata project exposes the function listCount in TestDefinitionDAO interface at the API URL api/v1/dataQuality/testDefinitions. The testPlatform parameter is directly used to build a SQL query in line 3515 ,3517.


Reference
 https://github.com/open-metadata/OpenMetadata/blob/4b9145a9da7ed95b7f868ab9f351e3d759af47d7/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L3515
 https://github.com/open-metadata/OpenMetadata/blob/4b9145a9da7ed95b7f868ab9f351e3d759af47d7/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L3517


Email: javad1386@gmail.com
	Description
	Summary
	OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the
	TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.

	Cve id:
	CVE-2025-50465

	Details:
	The open-metadata project exposes the function listCount in TestDefinitionDAO interface at the API URL api/v1/dataQuality/testDefinitions. The testPlatform parameter is directly used to build a SQL query in line 3515,3517.

	### CVSS:
	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

	Vulnerability Type:
	SQL Injection

	Vendor of Product:
	open-metadata

	Affected Product Code Base:
	open-metadata 1.4.4 - =<1.4.4

	Attack Type:
	Remote

	Impact Escalation of Privileges:
	true

	Impact Information Disclosure:
	true

	Attack Vectors:
	### Summary
	A SQL injection vulnerability exists in open-metadata 1.4.4 where an authenticated, low-privileged remote attacker could extract information from the
	database.

	### Details:
	The open-metadata project exposes the function listCount in TestDefinitionDAO interface at the API URL api/v1/dataQuality/testDefinitions. The testPlatform parameter is directly used to build a SQL query in line 3515 ,3517.


	Reference
	https://github.com/open-metadata/OpenMetadata/blob/4b9145a9da7ed95b7f868ab9f351e3d759af47d7/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L3515
	https://github.com/open-metadata/OpenMetadata/blob/4b9145a9da7ed95b7f868ab9f351e3d759af47d7/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L3517



	Email: javad1386@gmail.com
No results found