Approved changes feed: RSS · Atom

cpe:2.3:a:alldata:alldata:0.4.6:*:*:*:*:*:*:*

part: a version: 0.4.6 update: *

VendorAlldata (4f44625a-4994-5200-ab05-dab48e739e4a)
ProductAlldata (d66984eb-08e5-5537-8383-9c486e864982)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/alldatacenter/alldata purl2cpe 2026-06-01 10:15:55.494099

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-29435 vulnerable 2026-06-08 06:33:29.152656 Details available
An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T16:02:47.623Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-29434 vulnerable 2026-06-08 06:33:29.152169 Details available
An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.
Published: 2024-04-02T00:00:00.000Z
Updated: 2025-03-28T23:38:55.948Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-29433 vulnerable 2026-06-08 06:33:29.151638 Details available
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T15:57:51.349Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-29432 vulnerable 2026-06-08 06:33:29.151060 Details available
Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.
Published: 2024-04-02T00:00:00.000Z
Updated: 2024-09-04T16:04:34.416Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-27605 vulnerable 2026-06-08 06:31:29.064287 Details available
Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test) can query information about the users in the system.
Published: 2024-04-02T00:00:00.000Z
Updated: 2025-03-28T18:25:43.563Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-27604 vulnerable 2026-06-08 06:31:29.063954 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-27602 vulnerable 2026-06-08 06:31:29.063353 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.