JFrog - Insecure Deserialization Arbitrary Code Execution Weakness
Posted by: Marek Lasek
Date: October 14, 2021 11:01PM

Vulnerability security report from JFrog point to high level of threat in mysql connector library:

Summary:
Oracle MySQL Connector/J JDBC Connection
Handling Insecure Deserialization Arbitrary Code
Execution Weakness
Severity:
High
Type:
security

Component:
mysql:mysql-connector-java

Infected:
3.1.5 <= Version <= 8.0.26

Fix Version:
Empty


When can a version without this vulnerability be expected ?

Best regards,
Marek

Options: ReplyQuote


Subject
Written By
Posted
JFrog - Insecure Deserialization Arbitrary Code Execution Weakness
October 14, 2021 11:01PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.