pkg:maven/io.dataease/dataease-plugin-common
Type
maven
Namespace
io.dataease
Name
dataease-plugin-common
Known advisories, vulnerabilities and fixes for io.dataease/dataease-plugin-common package.
Critical
3
High
3
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.11.1 |
CVE-2022-34113
|
MAVEN:GHSA-5469-C5P2-XV5G | Dataease before 1.11.2 allows arbitrary code execution via crafter plugin | critical |
2022-07-23T00:00:15
(2 years ago) |
|
Fixed | = 1.11.2 |
CVE-2022-34113
|
MAVEN:GHSA-5469-C5P2-XV5G | Dataease before 1.11.2 allows arbitrary code execution via crafter plugin | critical |
2022-07-23T00:00:15
(2 years ago) |
|
Affected | <= 1.18.6 |
CVE-2023-32310
|
MAVEN:GHSA-7HV6-GV38-78WJ | DataEase API interface has IDOR vulnerability | high |
2023-06-02T17:09:17
(15 months ago) |
|
Fixed | = 1.18.7 |
CVE-2023-32310
|
MAVEN:GHSA-7HV6-GV38-78WJ | DataEase API interface has IDOR vulnerability | high |
2023-06-02T17:09:17
(15 months ago) |
|
Affected | <= 1.18.9 |
CVE-2023-40771
|
MAVEN:GHSA-8RV7-G772-PP3J | DataEase vulnerable to SQL injection | high |
2023-09-01T18:30:41
(12 months ago) |
|
Affected | <= 1.11.1 |
CVE-2022-34112
|
MAVEN:GHSA-C2PJ-RR68-PW94 | Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin | moderate |
2022-07-23T00:00:15
(2 years ago) |
|
Fixed | = 1.11.2 |
CVE-2022-34112
|
MAVEN:GHSA-C2PJ-RR68-PW94 | Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin | moderate |
2022-07-23T00:00:15
(2 years ago) |
|
Affected | < 1.11.2 |
CVE-2022-34114
|
MAVEN:GHSA-HMVW-66JM-H9FH | SQL Injection found in Dataease | high |
2022-07-23T00:00:15
(2 years ago) |
|
Fixed | = 1.11.2 |
CVE-2022-34114
|
MAVEN:GHSA-HMVW-66JM-H9FH | SQL Injection found in Dataease | high |
2022-07-23T00:00:15
(2 years ago) |
|
Affected | < 1.15.2 |
CVE-2022-39312
|
MAVEN:GHSA-Q4QQ-JHJV-7RH2 | MySQL JDBC deserialization vulnerability | critical |
2022-10-18T18:05:36
(23 months ago) |
|
Fixed | = 1.15.2 |
CVE-2022-39312
|
MAVEN:GHSA-Q4QQ-JHJV-7RH2 | MySQL JDBC deserialization vulnerability | critical |
2022-10-18T18:05:36
(23 months ago) |
|
Affected | < 1.11.2 |
CVE-2022-34115
|
MAVEN:GHSA-VJMR-6PMM-RPRF | Dataease v1.11.1 SQL Injection via parameter dataSourceId | critical |
2022-07-23T00:00:15
(2 years ago) |
|
Fixed | = 1.11.2 |
CVE-2022-34115
|
MAVEN:GHSA-VJMR-6PMM-RPRF | Dataease v1.11.1 SQL Injection via parameter dataSourceId | critical |
2022-07-23T00:00:15
(2 years ago) |