The DB instrumentations are attaching a span attribute db.statement.parameters with the raw query parameters which may contain sensitive data. #854 solves this for asnycpg and a similar approach would be good for the other libraries.

I believe fixing the opentelemetry-ext-dbapi instrumentation would fix this for a few of them: