📦 Datagear

Name: Datagear
Author: Datagear

by Datagear

🔍 What is Datagear?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-65792

CRITICAL CVSS 9.1 Dec 10, 2025

DataGear v5.5.0 contains a path traversal vulnerability (CWE-22) that allows attackers to delete arbitrary files on the server. This affects all DataGear installations running version 5.5.0. Attackers...

CVE-2024-37759

CRITICAL CVSS 9.8 Jun 24, 2024

DataGear v5.0.0 and earlier contains a Spring Expression Language (SpEL) injection vulnerability in the Data Viewing interface. This allows authenticated attackers to execute arbitrary code on the ser...

CVE-2024-7552

MEDIUM CVSS 6.3 Aug 6, 2024

This critical vulnerability in DataGear allows remote attackers to execute arbitrary code through expression language injection in the Data Schema Page component. Attackers can exploit improper neutra...

CVE-2023-1571

MEDIUM CVSS 6.3 Mar 22, 2023

This critical SQL injection vulnerability in DataGear allows remote attackers to execute arbitrary SQL commands via the queryOrder parameter in the /analysisProject/pagingQueryData endpoint. Attackers...