org.apache.seatunnel:datasource-mysql-cdc@1.0.0 vulnerabilities

latest version

1.0.2
latest non vulnerable version

1.0.2
first published

a year ago
latest version published

a month ago
licenses detected
- Apache-2.0
  [1.0.0,)
package manager

View on Maven Repository

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.seatunnel:datasource-mysql-cdc package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Files or Directories Accessible to External Parties Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the MySQL URL parameters `allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=65536`. An attacker can read arbitrary files on the server by manipulating these URL parameters. How to fix Files or Directories Accessible to External Parties? Upgrade `org.apache.seatunnel:datasource-mysql-cdc` to version 1.0.1 or higher.	[,1.0.1)

Files or Directories Accessible to External Parties

Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the MySQL URL parameters allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=65536. An attacker can read arbitrary files on the server by manipulating these URL parameters.

How to fix Files or Directories Accessible to External Parties?

Upgrade org.apache.seatunnel:datasource-mysql-cdc to version 1.0.1 or higher.

[,1.0.1)

Go back to all versions of this package

org.apache.seatunnel:datasource-mysql-cdc@1.0.0 vulnerabilities

latest version

latest non vulnerable version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities