CVE-2023-7333

Source
https://cve.org/CVERecord?id=CVE-2023-7333
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-7333.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-7333
Aliases
Published
2026-01-07T23:02:10.309Z
Modified
2026-07-15T01:49:18.747173278Z
Severity
  • 4.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X CVSS Calculator
Summary
bluelabsio records-mover Table Object sql injection
Details

A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is an unknown function of the component Table Object Handler. This manipulation causes sql injection. The attack needs to be launched locally. Upgrading to version 1.6.0 is sufficient to fix this issue. Patch name: 3f8383aa89f45d861ca081e3e9fd2cc9d0b5dfaa. You should upgrade the affected component.

Database specific
{
    "cwe_ids": [
        "CWE-74",
        "CWE-89"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/7xxx/CVE-2023-7333.json",
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/bluelabsio/records-mover

Affected ranges

Type
GIT
Repo
https://github.com/bluelabsio/records-mover
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "1.5.0"
        },
        {
            "last_affected": "1.5.0"
        },
        {
            "introduced": "1.5.1"
        },
        {
            "last_affected": "1.5.1"
        },
        {
            "introduced": "1.5.2"
        },
        {
            "last_affected": "1.5.2"
        },
        {
            "introduced": "1.5.3"
        },
        {
            "last_affected": "1.5.3"
        },
        {
            "introduced": "1.5.4"
        },
        {
            "last_affected": "1.5.4"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ]
}

Affected versions

1.*
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
v1.*
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.5.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-7333.json"