MySQL :: Re: CVE-2024-7254

Contact MySQL |
Login | Register

The world's most popular open source database

Documentation Downloads MySQL.com

Developer Zone

Section Menu:

New Topic

Re: CVE-2024-7254

Posted by: Filipe Silva
Date: October 28, 2024 08:36AM

CVE-2024-7254 is currently in "awaiting analysis" state.

However, Connector/J users should not be affected by it. Definitely not if using the JDBC implementation (protobuf not used there), and probably not affected if using the X DevAPI.

Nevertheless, third party dependencies are updated regularly and protobuf-java shall be updated soon. On the other hand, you can override this dependency yourself and just use the latest version of the library.

Navigate: Previous Message• Next Message

Options: Reply• Quote

Subject

Written By

Posted

CVE-2024-7254

Michael Bauschert

September 23, 2024 01:54AM

Re: CVE-2024-7254

Filipe Silva

October 28, 2024 08:36AM

Sorry, only registered users may post in this forum.

Click here to login

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.