MySQL Connector/J before 5.1.37 is vulnerable to Memory Leak. The method methodCompressedInputStream.getNextPacketFromServer() of src/com/mysq/jdbc/CompressedInputStream.java has high memory and garbage collection usage caused by the consecutive instantiation of a new inflater.
HIGH Vulnerable Package issue exists @ mysql:mysql-connector-java in branch master
Description
MySQL Connector/J before 5.1.37 is vulnerable to Memory Leak. The method methodCompressedInputStream.getNextPacketFromServer() of src/com/mysq/jdbc/CompressedInputStream.java has high memory and garbage collection usage caused by the consecutive instantiation of a new inflater.
HIGH Vulnerable Package issue exists @ mysql:mysql-connector-java in branch master
Vulnerability ID: Cx039cb67c-ead3
Package Name: mysql:mysql-connector-java
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2015-08-16T23:00:00
Current Package Version: 5.1.26
Remediation Upgrade Recommendation: 8.0.20
Link To SCA