CVE-2025-57772

Source
https://cve.org/CVERecord?id=CVE-2025-57772
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57772.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-57772
Aliases
  • GHSA-v37q-vh67-9rqv
Published
2025-08-25T17:00:20.382Z
Modified
2026-07-15T15:30:18.674568Z
Severity
  • 8.2 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Dataease H2 JDBC RCE Bypass
Details

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, there is a H2 JDBC RCE bypass in DataEase. If the JDBC URL meets criteria, the getJdbcUrl method is returned, which acts as the getter for the JdbcUrl parameter provided. This bypasses H2's filtering logic and returns the H2 JDBC URL, allowing the "driver":"org.h2.Driver" to specify the H2 driver for the JDBC connection. The vulnerability has been fixed in version 2.10.12.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-94"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/57xxx/CVE-2025-57772.json"
}
References

Affected packages

Git / github.com/dataease/dataease

Affected ranges

Type
GIT
Repo
https://github.com/dataease/dataease
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.10.12"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v2.*
v2.10.0
v2.10.1
v2.10.10
v2.10.11
v2.10.2
v2.10.3
v2.10.4
v2.10.5
v2.10.6
v2.10.7
v2.10.8
v2.10.9
v2.2.0
v2.3.0
v2.6.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57772.json"
vanir_signatures
[
    {
        "id": "CVE-2025-57772-0c06767f",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "256554938771478780442828783751474596058",
            "length": 706.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Oracle.java"
        }
    },
    {
        "id": "CVE-2025-57772-1698a1b3",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "23757338840592367074786271824445765928",
                "137118489655014640805630097006327311185",
                "49705660588032014071884621681836796323",
                "121792339078831036714911070597933511577"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Redshift.java"
        }
    },
    {
        "id": "CVE-2025-57772-24abc64d",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "3682491180337774735492088248212711218",
                "137118489655014640805630097006327311185",
                "49705660588032014071884621681836796323",
                "131427123251763910502019681955658018229"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java"
        }
    },
    {
        "id": "CVE-2025-57772-50ae2587",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "323061625201023349501432989808329884404",
            "length": 748.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/CK.java"
        }
    },
    {
        "id": "CVE-2025-57772-598d20ad",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "160492777701142202855704762939884143636",
            "length": 791.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Redshift.java"
        }
    },
    {
        "id": "CVE-2025-57772-6f6f6b05",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27627074303964318882417323486351141630",
                "272790013953672796150386807231842354032",
                "171457449788107737185421138346977175272",
                "155492726525485500818202825548485514582",
                "172332398816939070015484972354472842339"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Mongo.java"
        }
    },
    {
        "id": "CVE-2025-57772-72aa9500",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27627074303964318882417323486351141630",
                "272790013953672796150386807231842354032",
                "171457449788107737185421138346977175272",
                "155492726525485500818202825548485514582",
                "172332398816939070015484972354472842339"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Impala.java"
        }
    },
    {
        "id": "CVE-2025-57772-74adefe5",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "110933217615169316001806491425634383769",
                "137118489655014640805630097006327311185",
                "49705660588032014071884621681836796323",
                "203174799191427566620597313802144224224"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Db2.java"
        }
    },
    {
        "id": "CVE-2025-57772-7809bc80",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27627074303964318882417323486351141630",
                "241075840831451737810488679501752633791",
                "230413827549299870676532268452966731911",
                "155492726525485500818202825548485514582",
                "78087433515453413823786164604187590088"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Oracle.java"
        }
    },
    {
        "id": "CVE-2025-57772-81bbbdb8",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "194965484651173277104040408159602013466",
            "length": 772.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Sqlserver.java"
        }
    },
    {
        "id": "CVE-2025-57772-a22728d7",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27627074303964318882417323486351141630",
                "116151248021616525147549313345851321911",
                "230413827549299870676532268452966731911",
                "155492726525485500818202825548485514582",
                "172332398816939070015484972354472842339",
                "307313047144167514548660011036587434750",
                "218566917964947618261136916994581201392",
                "46958366425708698470715653761462115100",
                "306889702375309906217025182719901388652",
                "130191747495566765357858499324510657492",
                "38851420526857209240461188799402472185",
                "149035767662142678828418635795166846892",
                "60489612171580857010862227886461451827"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/CK.java"
        }
    },
    {
        "id": "CVE-2025-57772-bc1cd87c",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "105551996778645940445512813741637268168",
            "length": 1400.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java"
        }
    },
    {
        "id": "CVE-2025-57772-bf663da4",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "134578047148909783629916950705463096659",
            "length": 1656.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Pg.java"
        }
    },
    {
        "id": "CVE-2025-57772-c109a1dc",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "23757338840592367074786271824445765928",
                "137118489655014640805630097006327311185",
                "49705660588032014071884621681836796323",
                "131427123251763910502019681955658018229"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Pg.java"
        }
    },
    {
        "id": "CVE-2025-57772-cb9dfe10",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "59384475017983037905694381714415158882",
            "length": 740.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Impala.java"
        }
    },
    {
        "id": "CVE-2025-57772-e38250a7",
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27627074303964318882417323486351141630",
                "272790013953672796150386807231842354032",
                "171457449788107737185421138346977175272",
                "155492726525485500818202825548485514582",
                "172332398816939070015484972354472842339"
            ]
        },
        "target": {
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Sqlserver.java"
        }
    },
    {
        "id": "CVE-2025-57772-e8a46750",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "61449927374068713371938487920096925176",
            "length": 1525.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Db2.java"
        }
    },
    {
        "id": "CVE-2025-57772-f53d23af",
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/dataease/dataease/commit/1644d81dff46272b09570fa1f4a8f83f01f37440",
        "deprecated": false,
        "digest": {
            "function_hash": "506107949034947191046459658789950843",
            "length": 915.0
        },
        "target": {
            "function": "getJdbc",
            "file": "core/core-backend/src/main/java/io/dataease/datasource/type/Mongo.java"
        }
    }
]
vanir_signatures_modified
"2026-07-15T15:30:18Z"