Open github-actions[bot] opened 3 years ago
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Issue still exists.
Description
MySQL Connector/J before 5.1.37 is vulnerable to Memory Leak. The method methodCompressedInputStream.getNextPacketFromServer() of src/com/mysq/jdbc/CompressedInputStream.java has high memory and garbage collection usage caused by the consecutive instantiation of a new inflater.
HIGH Vulnerable Package issue exists @ mysql:mysql-connector-java in branch refs/heads/master
Vulnerability ID: Cx039cb67c-ead3
Package Name: mysql:mysql-connector-java
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2015-08-16T23:00:00
Current Package Version: 5.1.26
Remediation Upgrade Recommendation: 8.0.27
Link To SCA