Vulnerabilities > Metabase > Metabase > 0.40.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2023-37470 | Code Injection vulnerability in Metabase Metabase is an open-source business intelligence and analytics platform. | 9.8 |
| 2023-07-21 | CVE-2023-38646 | Unspecified vulnerability in Metabase Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. | 9.8 |
| 2023-05-18 | CVE-2023-32680 | Unspecified vulnerability in Metabase Metabase is an open source business analytics engine. | 9.6 |
| 2023-01-28 | CVE-2023-23628 | Unspecified vulnerability in Metabase Metabase is an open source data analytics platform. | 4.1 |
| 2023-01-28 | CVE-2023-23629 | Unspecified vulnerability in Metabase Metabase is an open source data analytics platform. | 6.3 |
| 2022-10-26 | CVE-2022-43776 | Server-Side Request Forgery (SSRF) vulnerability in Metabase The url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform Server Side Request Forgery attacks. | 6.5 |