Cdata Api Server vulnerabilities
2 known vulnerabilities affecting cdata/api_server.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-31848P2CRITICALCVSS 9.8PoCfixed in 23.4.88442024-04-05
CVE-2024-31848 [CRITICAL] CWE-22 CVE-2024-31848: A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when runni
A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
nvd
CVE-2025-9273P4MEDIUMCVSS 4.3v23.0.8844.02025-09-02
CVE-2025-9273 [MEDIUM] CWE-552 CVE-2025-9273: CData API Server MySQL Misconfiguration Information Disclosure Vulnerability. This vulnerability all
CData API Server MySQL Misconfiguration Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of CData API Server. Authentication is required to exploit this vulnerability.
The specific flaw exists within the usage of MySQL connections. When connecting to a MySQL s
nvd