Medium severity5.3OSV Advisory· Published Jan 7, 2026· Updated Apr 15, 2026
CVE-2023-7333
CVE-2023-7333
Description
A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is an unknown function of the component Table Object Handler. This manipulation causes sql injection. The attack needs to be launched locally. Upgrading to version 1.6.0 is sufficient to fix this issue. Patch name: 3f8383aa89f45d861ca081e3e9fd2cc9d0b5dfaa. You should upgrade the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
records-moverPyPI | < 1.6.0 | 1.6.0 |
Affected products
2- Range: v0.1.0, v0.1.1, v0.1.2, …
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-p3jp-7gj7-h6prghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-7333ghsaADVISORY
- github.com/bluelabsio/records-mover/commit/3f8383aa89f45d861ca081e3e9fd2cc9d0b5dfaanvdWEB
- github.com/bluelabsio/records-mover/pull/254nvdWEB
- github.com/bluelabsio/records-mover/releases/tag/v1.6.0nvdWEB
- vuldb.comnvdWEB
- vuldb.comnvdWEB
News mentions
0No linked articles in our index yet.