Datahub Project Datahub — known CVE vulnerabilities
Every CVE whose affected-product data names Datahub Project Datahub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-25558 — CVSS 7.5 (high): DataHub is an open-source metadata platform. When the DataHub frontend is configured to authenticate via SSO, it will leverage the pac4j…
CVE-2024-22409 — CVSS 7.5 (high): DataHub is an open-source metadata platform. In affected versions a low privileged user could remove a user, edit group members, or edit…
CVE-2023-47629 — CVSS 7.1 (high): DataHub is an open-source metadata platform. In affected versions sign-up through an invite link does not properly restrict users from…
CVE-2023-47640 — CVSS 6.4 (medium): DataHub is an open-source metadata platform. The HMAC signature for DataHub Frontend sessions was being signed using a SHA-1 HMAC with the…
CVE-2023-47628 — CVSS 4.2 (medium): DataHub is an open-source metadata platform. DataHub Frontend's sessions are configured using Play Framework's default settings for…