Approved changes feed: RSS · Atom
cpe:2.3:a:alldata:alldata:0.4.6:*:*:*:*:*:*:*
part: a version: 0.4.6 update: *
| Vendor | Alldata (4f44625a-4994-5200-ab05-dab48e739e4a) |
|---|---|
| Product | Alldata (d66984eb-08e5-5537-8383-9c486e864982) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/alldatacenter/alldata |
purl2cpe | 2026-06-01 10:15:55.494099 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-29435 |
vulnerable | 2026-06-08 06:33:29.152656 |
Details available
An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T16:02:47.623Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-29434 |
vulnerable | 2026-06-08 06:33:29.152169 |
Details available
An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.
Published: 2024-04-02T00:00:00.000Z
Updated: 2025-03-28T23:38:55.948Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-29433 |
vulnerable | 2026-06-08 06:33:29.151638 |
Details available
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T15:57:51.349Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-29432 |
vulnerable | 2026-06-08 06:33:29.151060 |
Details available
Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.
Published: 2024-04-02T00:00:00.000Z
Updated: 2024-09-04T16:04:34.416Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27605 |
vulnerable | 2026-06-08 06:31:29.064287 |
Details available
Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test) can query information about the users in the system.
Published: 2024-04-02T00:00:00.000Z
Updated: 2025-03-28T18:25:43.563Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27604 |
vulnerable | 2026-06-08 06:31:29.063954 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27602 |
vulnerable | 2026-06-08 06:31:29.063353 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.