CX: Cx039cb67c-ead3 in Maven-mysql:mysql-connector-java and 5.1.26 @ JavaVulnerableLab-1.refs/heads/master

github-actions[bot] commented 2 years ago

Description

MySQL Connector/J before 5.1.37 is vulnerable to Memory Leak. The method methodCompressedInputStream.getNextPacketFromServer() of src/com/mysq/jdbc/CompressedInputStream.java has high memory and garbage collection usage caused by the consecutive instantiation of a new inflater.

HIGH Vulnerable Package issue exists @ mysql:mysql-connector-java in branch refs/heads/master

Vulnerability ID: Cx039cb67c-ead3

Package Name: mysql:mysql-connector-java

Severity: HIGH

CVSS Score: 7.5

Publish Date: 2015-08-16T23:00:00

Current Package Version: 5.1.26

Remediation Upgrade Recommendation: 8.0.16.redhat-00001

Link To SCA

Reference – NVD link

github-actions[bot] commented 2 years ago

Issue still exists.

github-actions[bot] commented 1 week ago

Issue still exists.

SamHeadrickCx / JavaVulnerableLab-1

CX: Cx039cb67c-ead3 in Maven-mysql:mysql-connector-java and 5.1.26 @ JavaVulnerableLab-1.refs/heads/master #36