マイナビニュース

「OpenMetadata」の脆弱性

Microsoftによって悪用が確認された脆弱性は、2024年3月15日に公開されたOpenMetadataの複数の脆弱性とみられる。これら脆弱性は悪用されるとリモートの攻撃者に認証をバイパスしてコードを実行される可能性がある。 悪用が確認された脆弱性の情報(CVE)は次の ...
Bleeping Computer

Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks

In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities. OpenMetadata is an open-source metadata ...
Dark Reading

Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns

Editor's note: On 4-25-24 this article was updated to include a statement from OpenMetadata. Known vulnerabilities in OpenMetadata's open source metadata repository have been under active exploit ...
GitHub

openmetadata_managed_apis plugin is detected by Airflow, but the REST blueprint/routes are ...

The openmetadata_managed_apis plugin is detected by Airflow, but the REST blueprint/routes are not registered. As a result, the OpenMetadata Server’s health check to Airflow Managed APIs at ...