CNNVD-202510-1288 Information

CNNVD ID

CNNVD-202510-1288

Related CVE

CVE-2025-62228

• CNNVD Published: 2025-10-09

Description (Chinese)

Apache Flink CDC是Apache基金会的一个实时数据捕获框架。 Apache Flink CDC 3.4.0版本存在SQL注入漏洞，该漏洞源于对特制标识符如数据库名或表名处理不当，可能导致SQL注入攻击。

Description (English)

Apache Flink CTC is a real-time data capture framework for the Apache Foundation. Version 3.4.0 of Apache Flink CTC contains an injection loophole in SQL, which arises from the improper handling of special identifiers such as database names or watch names, which may lead to an attack on SQL injections.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

阿帕奇

Published

2025-10-09

Last Modified

2026-02-24

References

https://lists.apache.org/thread/3dn0hc1wbc5sj0jbgdg33gtnwlw7qrl3 https://access.redhat.com/security/cve/cve-2025-62228

Patch

https://lists.apache.org/thread/3dn0hc1wbc5sj0jbgdg33gtnwlw7qrl3