issues
search
gwhittemore-veracode
/
Veracode-GW-Training-demo
1
stars
0
forks
source link
CVE: 2022-21363 found in MySQL Connector/J - Version: 5.1.35 [JAVA]
#158
Open
github-actions[bot]
opened
2 years ago
github-actions[bot]
commented
2 years ago
Veracode Software Composition Analysis
Attribute
Details
Library
MySQL Connector/J
Description
JDBC Type 4 driver for MySQL
Language
JAVA
Vulnerability
Privilege Escalation
Vulnerability description
mysql-connector is vulnerable to privilege escalation. An attacker can exploit the vulnerability and takeover the MySQL Connectors.
CVE
2022-21363
CVSS score
6
Vulnerability present in version/s
5.1.29-8.0.27
Found library version/s
5.1.35
Vulnerability fixed in version
8.0.28
Library latest version
8.0.30
Fix
Links:
https://sca.analysiscenter.veracode.com/vulnerability-database/libraries/1834?version=5.1.35
https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/35820
Patch:
https://github.com/mysql/mysql-connector-j/commit/4993d5735fd84a46e7d949ad1bcaa0e9bb039824
Veracode Software Composition Analysis
Links: