4 matches found
cn.langpy:db-listener (>=0.0.9-jdk8 <=1.0.4-jdk8), cn.tenmg:flink-cdc-log-base (=1.0.0) +225 more potentially affected by CVE-2023-1419 via io.debezium:debezium-core (>=0.1.0 <=2.2.1.Final)
io.debezium:debezium-core MAVEN version =0.1.0, =0.0.9-jdk8, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.7.4-SNAPSHOT-35e64fa and more Source cves: CVE-2023-1419 Source advisory: OSV:GHSA-HVW5-3MGW-7RCF...
CVE-2023-1419
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data...
CVE-2023-1419
creationtimestamp| type| source ---|---|--- 2024-11-17 10:25:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113497810143520970 2024-11-17 12:56:58+00:00| seen| https://t.me/cvedetector/11258...
CVE-2023-1419 Debezium: script injection via connector parameter
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data...