CVE-2023-37470 - Remote Code Execution in Metabase via H2 Connection String Injection
Metabase is a widely used open-source business intelligence (BI) and analytics platform, popular for helping users visualize and analyze their data with ease. In mid-2023,
CVE-2023-38646 - Breaking Metabase—How Unauthenticated Remote Code Execution Rocked BI Servers
If you’re using Metabase for business intelligence or dashboarding, there’s a critical security warning you need to hear about. CVE-2023-38646 is a high-impact
CVE-2022-39362 - How Metabase Auto-Executed Unsaved SQL Queries & Why It Mattered
Metabase is a popular open-source platform for data visualization and analytics. A lot of businesses and organizations use it so that employees can make sense
CVE-2022-39358 - How Locked Parameters in Metabase Embedded Dashboards Were Bypassed
Metabase is a popular open-source tool for exploring and visualizing data. It’s commonly used to build dashboards and share insights within organizations. One of
CVE-2022-39360 - How a Metabase SSO Flaw Let Attackers Reset Passwords
Metabase is a popular, open-source data visualization and business intelligence tool, often used by organizations to create dashboards and share insights from databases and other
Episode
00:00:00
00:00:00