CNNVD-202601-1124 Information
CNNVD ID
CNNVD-202601-1124
Related CVE
- CNNVD Published: 2026-01-07
Description (Chinese)
records-mover是BlueLabs开源的一个关系数据移动工具。 records-mover 1.5.4及之前版本存在SQL注入漏洞,该漏洞源于对Table Object Handler组件操作不当,可能导致SQL注入攻击。
Description (English)
records-mover is a relationship data mover for BlueLabs open source. There is an SQL injection loophole in records-mover 1.5.4 and earlier versions, which stems from the inappropriate operation of the Table Object Handler component, which could lead to an SQL injection attack.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
BlueLabs
Published
2026-01-07
Last Modified
2026-02-24
References
https://github.com/bluelabsio/records-mover/pull/254 https://vuldb.com/?id.339566 https://vuldb.com/?ctiid.339566 https://github.com/bluelabsio/records-mover/releases/tag/v1.6.0 https://github.com/bluelabsio/records-mover/commit/3f8383aa89f45d861ca081e3e9fd2cc9d0b5dfaa https://access.redhat.com/security/cve/cve-2023-7333
Patch
https://github.com/bluelabsio/records-mover/releases
Share on: