CVE-2025-62419 | DataEase up to 2.10.13 Data Source Configuration extraParams deserialization (GHSA-x4x9-mjcf-99r9)

Inserito da Angelo Barbosa | Ott 18, 2025 | CVE

A vulnerability has been found in DataEase up to 2.10.13 and classified as problematic. The affected element is an unknown function of the component Data Source Configuration Handler. The manipulation of the argument extraParams leads to deserialization.

This vulnerability is documented as CVE-2025-62419. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2025-62419 | DataEase up to 2.10.13 Data Source Configuration extraParams deserialization (GHSA-x4x9-mjcf-99r9)

Post correlati

CVE-2024-22920 | SWFTools 0.9.2 compile.c bufferWriteData use after free

CVE-2024-43639 | Microsoft Windows Server 2012 up to Server 2022 23H2 Kerberos numeric truncation error

CVE-2024-6322 | Grafana/Grafana Enterprise up to 11.1.0/11.1.2 plugin.json ReqActions privileges assignment

CVE-2024-24293 | bit loader 10.0.3 index.js e prototype pollution