Medium severity5.9GHSA Advisory· Published Nov 17, 2024· Updated Apr 15, 2026
CVE-2023-1419
CVE-2023-1419
Description
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.debezium:debezium-connector-mysqlMaven | < 2.3.0.Alpha1 | 2.3.0.Alpha1 |
io.debezium:debezium-connector-sqlserverMaven | < 2.3.0.Alpha1 | 2.3.0.Alpha1 |
io.debezium:debezium-coreMaven | < 2.3.0.Alpha1 | 2.3.0.Alpha1 |
Affected products
4- ghsa-coords3 versionspkg:maven/io.debezium/debezium-connector-mysqlpkg:maven/io.debezium/debezium-connector-sqlserverpkg:maven/io.debezium/debezium-core
< 2.3.0.Alpha1+ 2 more
- (no CPE)range: < 2.3.0.Alpha1
- (no CPE)range: < 2.3.0.Alpha1
- (no CPE)range: < 2.3.0.Alpha1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.