CVE-2023-34463

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-34463

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34463.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-34463

Aliases

GHSA-4c4p-qfwq-85fj

Published

2023-06-26T20:29:38.074Z

Modified

2026-04-10T04:58:32.158024Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

Unauthorized users can delete applications in DataEase

Details

DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-862"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/34xxx/CVE-2023-34463.json"
}

References

Affected packages

Git / github.com/dataease/dataease

Affected ranges

Type: GIT
Repo: https://github.com/dataease/dataease
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4de4f95cffc263b4317a0c543d073024af99378e

Affected versions

v1.*

v1.0.0

v1.18.0

v1.18.1

v1.18.2

v1.18.4

v1.18.5

v1.18.6

v1.18.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34463.json"