9.1.0
2 years ago
2 months ago
Known vulnerabilities in the com.mysql:mysql-connector-j package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Access Control Bypass. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Note: Successful attacks of this vulnerability can result in takeover of MySQL Connectors. How to fix Access Control Bypass? Upgrade | [,8.2.0) |
Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to insufficient checks in the How to fix Remote Code Execution (RCE)? Upgrade | [,8.0.33) |