Apache · Apache Flink Cdc · CVE-2025-62228
**Name of the Vulnerable Software and Affected Versions**
Apache Flink CDC version 3.4.0
**Description**
The software is susceptible to a SQL injection due to maliciously crafted identifiers, such as a crafted database name or table name. The attack can only be triggered by a logged-in database user.
**Recommendations**
Update to version 3.5.0.