← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-41277 — Actively Exploited: Metabase (Metabase)

Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.

CVE IDCVE-2021-41277
VendorMetabase
ProductMetabase
Vulnerability nameMetabase GeoJSON API Local File Inclusion Vulnerability
Date added2024-11-12
Remediation due2024-12-03
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMetabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →