CVE-2021-41277: Metabase GeoJSON API Local File Inclusion Vulnerability.
Metabase GeoJSON API Local File Inclusion Vulnerability. Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.
- CISA KEV-listed (remediation due 2024-12-03)
- EPSS 94.4% (100.0% percentile)