issues
search
gwhittemore-veracode
/
Veracode-GW-Training-demo
1
stars
0
forks
source link
CVE: 2022-21363 found in mysql-connector-java - Version: 5.1.35 [JAVA]
#165
Open
github-actions[bot]
opened
1 year ago
github-actions[bot]
commented
1 year ago
Veracode Software Composition Analysis
Attribute
Details
Library
mysql-connector-java
Description
MySQL java connector
Language
JAVA
Vulnerability
Privilege Escalation
Vulnerability description
mysql-connector is vulnerable to privilege escalation. An attacker can exploit the vulnerability and takeover the MySQL Connectors.
CVE
2022-21363
CVSS score
6
Vulnerability present in version/s
5.1.29-8.0.27
Found library version/s
5.1.35
Vulnerability fixed in version
8.0.28
Library latest version
8.0.33
Fix
Links:
https://sca.analysiscenter.veracode.com/vulnerability-database/libraries/1834?version=5.1.35
https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/35820
Patch:
https://github.com/mysql/mysql-connector-j/commit/4993d5735fd84a46e7d949ad1bcaa0e9bb039824
Veracode Software Composition Analysis
Links: