CVE-2023-37470 - Remote Code Execution in Metabase via H2 Connection String Injection
Metabase is a widely used open-source business intelligence (BI) and analytics platform, popular for helping users visualize and analyze their data with ease. In mid-2023,
CVE-2023-38646 - Breaking Metabase—How Unauthenticated Remote Code Execution Rocked BI Servers
If you’re using Metabase for business intelligence or dashboarding, there’s a critical security warning you need to hear about. CVE-2023-38646 is a high-impact
CVE-2022-39361 - How a Metabase Sample Database Bug Led to Remote Code Execution (RCE)
Metabase makes it easy for anyone to explore and visualize data. But in late 2022, a critical security issue was discovered that could let attackers
CVE-2022-39360 - How a Metabase SSO Flaw Let Attackers Reset Passwords
Metabase is a popular, open-source data visualization and business intelligence tool, often used by organizations to create dashboards and share insights from databases and other
CVE-2022-39358 - How Locked Parameters in Metabase Embedded Dashboards Were Bypassed
Metabase is a popular open-source tool for exploring and visualizing data. It’s commonly used to build dashboards and share insights within organizations. One of
Episode
00:00:00
00:00:00