Approved changes feed: RSS · Atom

cpe:2.3:a:alldata:alldata:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAlldata (4f44625a-4994-5200-ab05-dab48e739e4a)
ProductAlldata (d66984eb-08e5-5537-8383-9c486e864982)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/alldatacenter/alldata purl2cpe 2026-06-01 10:15:55.494097

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-29435 vulnerable 2026-06-08 06:33:29.152465 Details available
An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T16:02:47.623Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-29433 vulnerable 2026-06-08 06:33:29.151455 Details available
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data.
Published: 2024-04-01T00:00:00.000Z
Updated: 2024-09-04T15:57:51.349Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-29432 vulnerable 2026-06-08 06:33:29.150030 Details available
Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.
Published: 2024-04-02T00:00:00.000Z
Updated: 2024-09-04T16:04:34.416Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-27602 vulnerable 2026-06-08 06:31:29.062104 Details available
Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface documents have been leaked.For example, the /api/system/v2/api-docs module.
Published: 2024-04-02T00:00:00.000Z
Updated: 2024-09-04T16:03:38.277Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.