Latest version: v0.999.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2023-25558 | 63332 |
DataHub under 0.9.5 uses the X-DataHub-Actor HTTP header to infer the… |
|
HIGH | 8.8 |
| CVE-2023-25557 | 63334 |
DataHub under 0.8.45 frontend, acting as a proxy, is found to have a … |
|
CRITICAL | 9.1 |
| CVE-2023-25559 | 63333 |
DataHub under 0.8.45 uses the X-DataHub-Actor HTTP header to identify… |
|
HIGH | 8.1 |
| CVE-2023-25560 | 63335 |
DataHub's AuthServiceClient, specifically versions prior to 0.8.45, c… |
|
CRITICAL | 9.8 |
| CVE-2023-25561 | 63336 |
DataHub's AuthServiceClient, particularly versions below 0.8.45, crea… |
|
CRITICAL | 9.8 |
| CVE-2023-25562 | 63337 |
In DataHub versions prior to 0.8.45, session cookies are only cleared… |
|
CRITICAL | 9.8 |
| CVE-2023-47628 | 70896 |
DataHub is an open-source metadata platform. DataHub Frontend's sessi… |
|
MEDIUM | 4.8 |
| CVE-2023-47629 | 70897 |
DataHub is an open-source metadata platform. In affected versions sig… |
|
HIGH | 8.0 |