Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dataease Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34115 1 Dataease Project 1 Dataease 2022-10-27 N/A 9.8 CRITICAL
DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId.
CVE-2022-34112 1 Dataease Project 1 Dataease 2022-07-30 N/A 6.5 MEDIUM
An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.
CVE-2022-34114 1 Dataease Project 1 Dataease 2022-07-25 N/A 8.8 HIGH
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.