Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-hvw5-3mgw-7rcf: Debezium database connector has a script injection vulnerability

A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.

ghsa
Open in Source
#sql#vulnerability#web#git#java#perl#auth#maven

Skip to content

Navigation Menu

    • GitHub Copilot

      Write better code with AI

    • Security

      Find and fix vulnerabilities

    • Actions

      Automate any workflow

    • Codespaces

      Instant dev environments

    • Issues

      Plan and track work

    • Code Review

      Manage code changes

    • Discussions

      Collaborate outside of code

    • Code Search

      Find more, search less

  • Explore

    • Learning Pathways
    • White papers, Ebooks, Webinars
    • Customer Stories
    • Partners

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles

    • Enterprise platform

      AI-powered developer platform

  • Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2023-1419

Debezium database connector has a script injection vulnerability

Moderate severity GitHub Reviewed Published Nov 17, 2024 to the GitHub Advisory Database • Updated Nov 18, 2024

Package

maven io.debezium:debezium-connector-mysql (Maven)

Affected versions

< 2.3.0.Alpha1

Patched versions

2.3.0.Alpha1

maven io.debezium:debezium-connector-sqlserver (Maven)

maven io.debezium:debezium-core (Maven)

Description

Published to the GitHub Advisory Database

Nov 17, 2024

Last updated

Nov 18, 2024

ghsa: Latest News

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service
ghsa