CVE-2024-57707

Critical CVSS: 9.8

An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components.

Vendor

Product

CWE

Yayın Tarihi

2025-02-07 16:15:38

Güncelleme

2025-03-28 17:24:50

Source Identifier

cve@mitre.org

KEV Date Added

CWE-94 Dataease CRITICAL Dataease 2025

https://github.com/shigophilo/CVE/blob/main/DataEase-v1-code-execute.md

High

CVE-2026-32939

DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handlin…

Critical

CVE-2026-32137

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, The table parameter for /de2api/datasourc…

Medium

CVE-2026-32139

Dataease is an open source data visualization analysis tool. In DataEase 2.10.19 and earlier, the static resource upload…

Critical

CVE-2026-32140

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile parameter, an…

High

CVE-2026-23958

Dataease is an open source data visualization analysis tool. Prior to version 2.10.19, DataEase uses the MD5 hash of the…

High

CVE-2025-64428

Dataease is an open source data visualization analysis tool. Versions prior to 2.10.17 are vulnerable to JNDI injection.…