CVE-2023-0575

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-0575
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0575.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-0575
Published
2023-02-09T17:15:15.730Z
Modified
2026-04-12T16:55:26.286399Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py.

This issue affects Yugabyte DB: Lesser then 2.2.0.0

References

Affected packages

Git / github.com/yugabyte/yugabyte-db

Affected ranges

Type
GIT
Repo
https://github.com/yugabyte/yugabyte-db
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a5f0657dcf4db948dd0c4e336ee05dd15b06869b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.2.0.0"
        }
    ]
}

Affected versions

v0.*
v0.9.4.0-b32
v0.9.5.0
v0.9.6
v0.9.7
v0.9.8
v1.*
v1.0.0
v1.0.4
v1.0.5
v1.1.0
v1.2.0
v1.2.12
v1.2.4
v1.3.0
v1.3.1
v1.3.1f10e23d319a5e5df008467d19ebab95ce631a977
v1.3.2
v2.*
v2.0.0
v2.0.1
v2.0.10
v2.0.11
v2.0.2
v2.0.3
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0575.json"
vanir_signatures_modified 
"2026-04-12T16:55:26Z"
vanir_signatures 
[
    {
        "digest": {
            "length": 2714.0,
            "function_hash": "204343337175807947756995863321536609279"
        },
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2023-0575-3293d801",
        "signature_version": "v1",
        "source": "https://github.com/yugabyte/yugabyte-db/commit/a5f0657dcf4db948dd0c4e336ee05dd15b06869b",
        "target": {
            "function": "TEST_F",
            "file": "ent/src/yb/integration-tests/cdc_service-int-test.cc"
        }
    },
    {
        "digest": {
            "length": 821.0,
            "function_hash": "215928341741455898333872101211211652483"
        },
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2023-0575-6a8571e5",
        "signature_version": "v1",
        "source": "https://github.com/yugabyte/yugabyte-db/commit/a5f0657dcf4db948dd0c4e336ee05dd15b06869b",
        "target": {
            "function": "CDCServiceImpl::UpdateLagMetrics",
            "file": "ent/src/yb/cdc/cdc_service.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "217956689048785755460707917031840890517",
                "88405348806615338489455510385654678311",
                "206985777598511063864710315856219170511",
                "232096355138622140851494479162899935053",
                "104987389997541600799316750387388118083"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2023-0575-86352ad8",
        "signature_version": "v1",
        "source": "https://github.com/yugabyte/yugabyte-db/commit/a5f0657dcf4db948dd0c4e336ee05dd15b06869b",
        "target": {
            "file": "ent/src/yb/cdc/cdc_service.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "229993459985774672231173854073303442776",
                "81175169860808617276854972339687287267",
                "304821241836840196819421510522177062329",
                "223244381106603020002141177170537283800",
                "100288833265904940995969991268653171353",
                "55415972310042067038752751640172166873",
                "62613776580318490173482258941383726681",
                "267775923706118924442748909435716910705",
                "312278706226394153172419618250395780939",
                "181175947605847134130646124307379181578",
                "87915178526445978669643734231216481786",
                "291540146074435383585275992679148735455",
                "143002650640173705708042065026336496179",
                "101894064957533156644624252283250383244",
                "192169222107743877666665402986106790126",
                "168696175738435274169641493177216457566",
                "33894060146758492987115281242943494761",
                "128040488888498845603047793557472750092",
                "227389252029249218421165339283805320296",
                "126306430509803841487651495099321698510",
                "266006642507757566533538899243455406564",
                "34453591882001854029635655754274554153",
                "104050942309035264620055887745630743137",
                "283998068305247657470161240523871669037",
                "155239915160821271383812242615624038875",
                "57107402584268581736089012834691637874",
                "22960394839965266010075787904712518048",
                "86971185599379810375543722379484492265",
                "206763066665717962408783100125396565585",
                "331228805013913791227878797471285969947",
                "51177371790274933000399664060445940091",
                "192408022398927256859677832096557248433",
                "199169295818330892522239112870394587243",
                "2336371638409415882170948955237512557",
                "40301788704729124330352797737138978681",
                "294529578230813272704619082560735760817",
                "156533563031421403711210207286132415622",
                "203599666473401742444900115346063977065",
                "320316432090353514696300119596102212808",
                "179662185011931396270611274372291032050",
                "231504691618942380464067401978063763728",
                "94001064324598995712353877150623731738",
                "104819821255112559289742276066231816250",
                "2336371638409415882170948955237512557",
                "40301788704729124330352797737138978681",
                "45903140432414997955441710269236823889",
                "255064242997268601093714918312024832884",
                "114963881709270446764597902956484750728",
                "310354080584481918588853404140657586066",
                "336607669658756248426571265119968522335",
                "269395270320443983752860398035841671752",
                "179161457632527203501771133055086397067",
                "182390811340461696681951734427379634746",
                "88208589373209813938107743453242848604",
                "177082706832313501458981019342733408261",
                "104050942309035264620055887745630743137",
                "283998068305247657470161240523871669037",
                "163767258200791585574964946268721253875",
                "41058857911187177709288306123769472015",
                "319750997590895441888821338459066259389",
                "265903566060842688368925332378518539963",
                "128510998301234215338904776055783188558",
                "221146144049931288911669006708623956608",
                "113358351703566918681778141763430522264",
                "133822440988821989685956281773428890033",
                "88208589373209813938107743453242848604",
                "177082706832313501458981019342733408261",
                "104050942309035264620055887745630743137",
                "283998068305247657470161240523871669037",
                "292409082654196987090050880164567912511",
                "230587147658535031747619565950448252552",
                "325925766276528433244225002240389779857",
                "289487223588495808752382619731952372254",
                "218705586068607028180179893252288067725",
                "54541991753621160812895917642654105442",
                "178482788029377111790449362483175284701",
                "296700257342273320203017993311804116282",
                "299344664274688527670705066837040590718",
                "54847326835678138512052828326019169538",
                "39581608811799602751438432915876141013",
                "186549796102910524994689945101213319173",
                "70395373624237230397880738626497747901"
            ]
        },
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2023-0575-ef6607d9",
        "signature_version": "v1",
        "source": "https://github.com/yugabyte/yugabyte-db/commit/a5f0657dcf4db948dd0c4e336ee05dd15b06869b",
        "target": {
            "file": "ent/src/yb/integration-tests/cdc_service-int-test.cc"
        }
    }
]