Security Advisory

CVE-2025-64164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-06 00:07:58

Last updated 2025-11-06 21:17:41

Assigner GitHub_M

State PUBLISHED

Description

Dataease is an open source data visualization analysis tool. In versions 2.10.14 and below, DataEase did not properly filter when establishing JDBC connections to Oracle, resulting in a risk of JNDI injection (Java Naming and Directory Interface injection). This issue is fixed in version 2.10.15.

← Browse all CVEs View on cve.org ↗