CNNVD-202602-933 Information

CNNVD ID

CNNVD-202602-933

Related CVE

CVE-2026-25644

• CNNVD Published: 2026-02-06

Description (Chinese)

DataHub是datahub-project开源的一个现代数据栈的元数据平台。 DataHub 1.3.1.8之前版本存在信任管理问题漏洞，该漏洞源于LDAP摄取源容易受到通过TLS降级实施的中间人攻击。

Description (English)

Datshub is a metadata platform for a modern data warehouse that is open to datahub-project. The previous version of Datshaub 1.3.1.1.8 had a confidence management gap, which stemmed from the vulnerability of LDAP intake sources to attacks by intermediaries through downgraded TLS.

Hazard Level

High

Vulnerability Type

信任管理问题

Affected Vendor

datahub-project

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/datahub-project/datahub/security/advisories/GHSA-j34h-x7qg-4qw5 https://access.redhat.com/security/cve/cve-2026-25644

Patch

https://datahub.com/