5l1D3R / Github-actions

0 stars 0 forks source link

CVE: 2019-2692 found in MySQL java connector - Version: 5.1.35 [JAVA] #28

Open github-actions[bot] opened 1 year ago

github-actions[bot] commented 1 year ago

Veracode Software Composition Analysis

Attribute Details
Library MySQL java connector
Description MySQL java connector
Language JAVA
Vulnerability Authorization Bypass
Vulnerability description mysql-connector-java is vulnerable to authorization bypass. A difficult-to-exploit vulnerability allows a high-privileged attacker to bypass authorization, compromise the MySQL connectors and obtain full control over the connectors.
CVE 2019-2692
CVSS score 3.5
Vulnerability present in version/s 2.0.14-8.0.15
Found library version/s 5.1.35
Vulnerability fixed in version 8.0.16
Library latest version 8.0.31
Fix

Links:

github-actions[bot] commented 1 year ago

Veracode issue link to PR: https://github.com/5l1D3R/Github-actions/pull/2