CVE-2025-70829

Medium CVSS: 5.7

An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC connection string.

Vendor

Running-elephant

Product

Datart

CWE

CWE-200

Yayın Tarihi

2026-02-17 15:16:19

Güncelleme

2026-02-23 13:17:08

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-200 Datart MEDIUM Running-elephant 2026

Referanslar

https://github.com/running-elephant/datart https://github.com/xiaoxiaoranxxx/CVE-2025-70829

Benzer Kayıtlar

High

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuratio…

High

CVE-2025-56815

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses…

High

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attack…

Critical

CVE-2025-56819

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter.