Information disclosure in Metabase
CVE-2025-32382
Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase (either updating a password or changing password to private key or vice versa), Metabase would not al…
EPSS: 0.003 (22.4th percentile) — read the EPSS interpretation.
Affected products
- Metabase — versions >= 0.52.12, < 0.52.17.1, >= 1.52.12, < 1.52.17.1, >= 0.53.2.3, < 0.53.9.5
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)