CNNVD-202506-3801 Information

CNNVD ID

CNNVD-202506-3801

Related CVE

CVE-2025-53005

• CNNVD Published: 2025-06-30

Description (Chinese)

DataEase是DataEase开源的一个开源的数据可视化分析工具。用于帮助用户快速分析数据并洞察业务趋势，从而实现业务的改进与优化。 DataEase 2.10.11之前版本存在安全漏洞，该漏洞源于PostgreSQL数据源JDBC连接参数存在绕过漏洞。

Description (English)

DataEase is an open source data visualization analysis tool for DataEase open sources. To help users quickly analyse data and see business trends, thereby improving and optimizing operations. There was a security loophole in the pre-DataEase 2.10.11 version, which originated from a circumvention of JDBC connection parameters from PostgreSQL data source.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

DataEase

Published

2025-06-30

Last Modified

2026-02-24

References

https://github.com/dataease/dataease/security/advisories/GHSA-99c4-h4fq-r23v https://access.redhat.com/security/cve/cve-2025-53005 https://nvd.nist.gov/vuln/detail/CVE-2025-53005

Patch

https://dataease.cn/