Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Das — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting Das. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Das is a distributed application security testing tool primarily used for identifying vulnerabilities in web applications and APIs. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with seven CVEs recorded to date. The tool's architecture often introduces risks through improper input validation and insecure default configurations. While no major public security incidents have been widely documented, its widespread adoption in development pipelines makes any potential vulnerability particularly impactful. Security researchers have noted that Das's plugin system occasionally introduces additional attack surfaces, requiring careful configuration and regular updates to maintain secure deployment environments.

Top products by Das: Parking Management System 停车场管理系统 U-Boot
CVE IDTitleCVSSSeverityPublished
CVE-2025-9843 Das Parking Management System 停车场管理系统 FindAll information disclosure — Parking Management System 停车场管理系统CWE-200 5.3 Medium2025-09-03
CVE-2025-9842 Das Parking Management System 停车场管理系统 Search information disclosure — Parking Management System 停车场管理系统CWE-200 5.3 Medium2025-09-03
CVE-2025-6118 Das Parking Management System 停车场管理系统 API search sql injection — Parking Management System 停车场管理系统CWE-89 7.3 High2025-06-16
CVE-2025-6117 Das Parking Management System 停车场管理系统 API Search sql injection — Parking Management System 停车场管理系统CWE-89 7.3 High2025-06-16
CVE-2025-6116 Das Parking Management System 停车场管理系统 API Search sql injection — Parking Management System 停车场管理系统CWE-89 7.3 High2025-06-16
CVE-2017-3225 Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data — U-BootCWE-329 3.9 -2018-07-24
CVE-2017-3226 Das U-Boot's AES-CBC encryption feature improperly handles an error condition and may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data — U-BootCWE-329 6.4 -2018-07-24

This page lists every published CVE security advisory associated with Das. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.