CVE-2025-62228
EUVD-2025-3334209.10.2025, 14:15
Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apache | flink_cdc | 3.4.0 |
𝑥
= Vulnerable software versions