CVE-2024-46997 | DataEase up to 2.10.0 h2 Data Source Connection String injection

Inserito da Angelo Barbosa | Set 23, 2024 | CVE

A vulnerability classified as very critical has been found in DataEase up to 2.10.0. This affects an unknown part of the component h2 Data Source Connection String Handler. The manipulation leads to injection.

This vulnerability is uniquely identified as CVE-2024-46997. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-46997 | DataEase up to 2.10.0 h2 Data Source Connection String injection

Post correlati

CVE-2024-23527 | Ivanti Avalanche up to 6.4.2 Service Port 1777 WLAvalancheService out-of-bounds

CVE-2024-25501 | WinMail up to 5.1/7.1 email cross site scripting

CVE-2024-9891 | Multiline Files Upload for Contact Form 7 up to 2.8.1 on WordPress Deactivation authorization

CVE-2024-38570 | Linux Kernel up to 6.6.32/6.8.11/6.9.2 gfs2 sd_dead_glocks use after free