GHSA-hvw5-3mgw-7rcf
Suggest an improvement- Source
- https://github.com/advisories/GHSA-hvw5-3mgw-7rcf
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-hvw5-3mgw-7rcf/GHSA-hvw5-3mgw-7rcf.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-hvw5-3mgw-7rcf
- Aliases
-
- CVE-2023-1419
- Published
- 2024-11-17T12:30:29Z
- Modified
- 2024-11-18T20:27:22.245405Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Debezium database connector has a script injection vulnerability
- Details
-
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.
- References
Affected packages
Maven / io.debezium:debezium-connector-mysql
Package
- Name
- io.debezium:debezium-connector-mysql
- View open source insights on deps.dev
- Purl
- pkg:maven/io.debezium/debezium-connector-mysql
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.0.Alpha1
Affected versions
0.*
0.1.0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.4.0
0.4.1
0.5.0
0.5.1
0.5.2
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.8.0.Beta1
0.8.0.CR1
0.8.0.Final
0.8.1.Final
0.8.2
0.8.3.Final
0.9.0.Alpha1
0.9.0.Alpha2
0.9.0.Beta1
0.9.0.Beta2
0.9.0.CR1
0.9.0.Final
0.9.1.Final
0.9.2.Final
0.9.3.Final
0.9.4.Final
0.9.5.Final
0.10.0.Alpha1
0.10.0.Alpha2
0.10.0.Beta1
0.10.0.Beta2
0.10.0.Beta3
0.10.0.Beta4
0.10.0.CR1
0.10.0.CR2
0.10.0.Final
1.*
1.0.0.Beta1
1.0.0.Beta2
1.0.0.Beta3
1.0.0.CR1
1.0.0.Final
1.0.1.Final
1.0.2.Final
1.0.3.Final
1.1.0.Alpha1
1.1.0.Beta1
1.1.0.Beta2
1.1.0.CR1
1.1.0.Final
1.1.1.Final
1.1.2.Final
1.2.0.Alpha1
1.2.0.Beta1
1.2.0.Beta2
1.2.0.CR1
1.2.0.CR2
1.2.0.Final
1.2.1.Final
1.2.2.Final
1.2.3.Final
1.2.4.Final
1.2.5.Final
1.3.0.Alpha1
1.3.0.Beta1
1.3.0.Beta2
1.3.0.CR1
1.3.0.Final
1.3.1.Final
1.4.0.Alpha1
1.4.0.Alpha2
1.4.0.Beta1
1.4.0.CR1
1.4.0.Final
1.4.1.Final
1.4.2.Final
1.5.0.Alpha1
1.5.0.Beta1
1.5.0.Beta2
1.5.0.CR1
1.5.0.Final
1.5.1.Final
1.5.2.Final
1.5.3.Final
1.5.4.Final
1.6.0.Alpha1
1.6.0.Beta1
1.6.0.Beta2
1.6.0.CR1
1.6.0.Final
1.6.1.Final
1.6.2.Final
1.6.3.Final
1.6.4.Final
1.7.0.Alpha1
1.7.0.Beta1
1.7.0.CR1
1.7.0.CR2
1.7.0.Final
1.7.1.Final
1.7.2.Final
1.8.0.Alpha1
1.8.0.Alpha2
1.8.0.Beta1
1.8.0.CR1
1.8.0.Final
1.8.1.Final
1.9.0.Alpha1
1.9.0.Alpha2
1.9.0.Beta1
1.9.0.CR1
1.9.0.Final
1.9.1.Final
1.9.2.Final
1.9.3.Final
1.9.4.Final
1.9.5.Final
1.9.6.Final
1.9.7.Final
1.9.8.Final
2.*
2.0.0.Alpha1
2.0.0.Alpha2
2.0.0.Alpha3
2.0.0.Beta1
2.0.0.Beta2
2.0.0.CR1
2.0.0.Final
2.0.1.Final
2.1.0.Alpha1
2.1.0.Alpha2
2.1.0.Beta1
2.1.0.Final
2.1.1.Final
2.1.2.Final
2.1.3.Final
2.1.4.Final
2.2.0.Alpha1
2.2.0.Alpha2
2.2.0.Alpha3
2.2.0.Beta1
2.2.0.CR1
2.2.0.Final
2.2.1.Final
Maven / io.debezium:debezium-connector-sqlserver
Package
- Name
- io.debezium:debezium-connector-sqlserver
- View open source insights on deps.dev
- Purl
- pkg:maven/io.debezium/debezium-connector-sqlserver
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.0.Alpha1
Affected versions
0.*
0.9.0.Alpha1
0.9.0.Alpha2
0.9.0.Beta1
0.9.0.Beta2
0.9.0.CR1
0.9.0.Final
0.9.1.Final
0.9.2.Final
0.9.3.Final
0.9.4.Final
0.9.5.Final
0.10.0.Alpha1
0.10.0.Alpha2
0.10.0.Beta1
0.10.0.Beta2
0.10.0.Beta3
0.10.0.Beta4
0.10.0.CR1
0.10.0.CR2
0.10.0.Final
1.*
1.0.0.Beta1
1.0.0.Beta2
1.0.0.Beta3
1.0.0.CR1
1.0.0.Final
1.0.1.Final
1.0.2.Final
1.0.3.Final
1.1.0.Alpha1
1.1.0.Beta1
1.1.0.Beta2
1.1.0.CR1
1.1.0.Final
1.1.1.Final
1.1.2.Final
1.2.0.Alpha1
1.2.0.Beta1
1.2.0.Beta2
1.2.0.CR1
1.2.0.CR2
1.2.0.Final
1.2.1.Final
1.2.2.Final
1.2.3.Final
1.2.4.Final
1.2.5.Final
1.3.0.Alpha1
1.3.0.Beta1
1.3.0.Beta2
1.3.0.CR1
1.3.0.Final
1.3.1.Final
1.4.0.Alpha1
1.4.0.Alpha2
1.4.0.Beta1
1.4.0.CR1
1.4.0.Final
1.4.1.Final
1.4.2.Final
1.5.0.Alpha1
1.5.0.Beta1
1.5.0.Beta2
1.5.0.CR1
1.5.0.Final
1.5.1.Final
1.5.2.Final
1.5.3.Final
1.5.4.Final
1.6.0.Alpha1
1.6.0.Beta1
1.6.0.Beta2
1.6.0.CR1
1.6.0.Final
1.6.1.Final
1.6.2.Final
1.6.3.Final
1.6.4.Final
1.7.0.Alpha1
1.7.0.Beta1
1.7.0.CR1
1.7.0.CR2
1.7.0.Final
1.7.1.Final
1.7.2.Final
1.8.0.Alpha1
1.8.0.Alpha2
1.8.0.Beta1
1.8.0.CR1
1.8.0.Final
1.8.1.Final
1.9.0.Alpha1
1.9.0.Alpha2
1.9.0.Beta1
1.9.0.CR1
1.9.0.Final
1.9.1.Final
1.9.2.Final
1.9.3.Final
1.9.4.Final
1.9.5.Final
1.9.6.Final
1.9.7.Final
1.9.8.Final
2.*
2.0.0.Alpha1
2.0.0.Alpha2
2.0.0.Alpha3
2.0.0.Beta1
2.0.0.Beta2
2.0.0.CR1
2.0.0.Final
2.0.1.Final
2.1.0.Alpha1
2.1.0.Alpha2
2.1.0.Beta1
2.1.0.Final
2.1.1.Final
2.1.2.Final
2.1.3.Final
2.1.4.Final
2.2.0.Alpha1
2.2.0.Alpha2
2.2.0.Alpha3
2.2.0.Beta1
2.2.0.CR1
2.2.0.Final
2.2.1.Final
Maven / io.debezium:debezium-core
Package
- Name
- io.debezium:debezium-core
- View open source insights on deps.dev
- Purl
- pkg:maven/io.debezium/debezium-core
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.0.Alpha1
Affected versions
0.*
0.1.0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.4.0
0.4.1
0.5.0
0.5.1
0.5.2
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.8.0.Beta1
0.8.0.CR1
0.8.0.Final
0.8.1.Final
0.8.2
0.8.3.Final
0.9.0.Alpha1
0.9.0.Alpha2
0.9.0.Beta1
0.9.0.Beta2
0.9.0.CR1
0.9.0.Final
0.9.1.Final
0.9.2.Final
0.9.3.Final
0.9.4.Final
0.9.5.Final
0.10.0.Alpha1
0.10.0.Alpha2
0.10.0.Beta1
0.10.0.Beta2
0.10.0.Beta3
0.10.0.Beta4
0.10.0.CR1
0.10.0.CR2
0.10.0.Final
1.*
1.0.0.Beta1
1.0.0.Beta2
1.0.0.Beta3
1.0.0.CR1
1.0.0.Final
1.0.1.Final
1.0.2.Final
1.0.3.Final
1.1.0.Alpha1
1.1.0.Beta1
1.1.0.Beta2
1.1.0.CR1
1.1.0.Final
1.1.1.Final
1.1.2.Final
1.2.0.Alpha1
1.2.0.Beta1
1.2.0.Beta2
1.2.0.CR1
1.2.0.CR2
1.2.0.Final
1.2.1.Final
1.2.2.Final
1.2.3.Final
1.2.4.Final
1.2.5.Final
1.3.0.Alpha1
1.3.0.Beta1
1.3.0.Beta2
1.3.0.CR1
1.3.0.Final
1.3.1.Final
1.4.0.Alpha1
1.4.0.Alpha2
1.4.0.Beta1
1.4.0.CR1
1.4.0.Final
1.4.1.Final
1.4.2.Final
1.5.0.Alpha1
1.5.0.Beta1
1.5.0.Beta2
1.5.0.CR1
1.5.0.Final
1.5.1.Final
1.5.2.Final
1.5.3.Final
1.5.4.Final
1.6.0.Alpha1
1.6.0.Beta1
1.6.0.Beta2
1.6.0.CR1
1.6.0.Final
1.6.1.Final
1.6.2.Final
1.6.3.Final
1.6.4.Final
1.7.0.Alpha1
1.7.0.Beta1
1.7.0.CR1
1.7.0.CR2
1.7.0.Final
1.7.1.Final
1.7.2.Final
1.8.0.Alpha1
1.8.0.Alpha2
1.8.0.Beta1
1.8.0.CR1
1.8.0.Final
1.8.1.Final
1.9.0.Alpha1
1.9.0.Alpha2
1.9.0.Beta1
1.9.0.CR1
1.9.0.Final
1.9.1.Final
1.9.2.Final
1.9.3.Final
1.9.4.Final
1.9.5.Final
1.9.6.Final
1.9.7.Final
1.9.8.Final
2.*
2.0.0.Alpha1
2.0.0.Alpha2
2.0.0.Alpha3
2.0.0.Beta1
2.0.0.Beta2
2.0.0.CR1
2.0.0.Final
2.0.1.Final
2.1.0.Alpha1
2.1.0.Alpha2
2.1.0.Beta1
2.1.0.Final
2.1.1.Final
2.1.2.Final
2.1.3.Final
2.1.4.Final
2.2.0.Alpha1
2.2.0.Alpha2
2.2.0.Alpha3
2.2.0.Beta1
2.2.0.CR1
2.2.0.Final
2.2.1.Final