CVE-2022-39366 - Critical Auth Bypass in DataHub—How Unverified JWTs Threaten Your Metadata
Summary:
A critical security flaw—CVE-2022-39366—was discovered in DataHub, an open-source metadata platform, in its Metadata Service (GMS). The flaw allowed anyone to bypass