Lucene search
K

314 matches found

CVE
CVE
added 2023/01/31 9:38 a.m.73 views

CVE-2022-44645

CVE-2022-44645 affects Apache Linkis

8.8CVSS8.9AI score0.01949EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.4 views

PT-2023-1346 · Apache +1 · Apache Linkis +1

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions prior to 1.3.1 Description: The issue is related to insufficient protection of service data when handling the allowLoadLocalInfile parameter with a value of true in the MySQL Connector/J component of Apache Linkis. This...

6.8CVSS6.2AI score0.01161EPSS
Exploits0References11
OSV
OSV
added 2022/11/11 11:4 a.m.2 views

OESA-2022-2076 mysql-connector-java security update

MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...

6.3CVSS6AI score0.00501EPSS
Exploits0References2
OSV
OSV
added 2022/10/26 7:0 p.m.30 views

GHSA-3F3W-GMQF-4HJ3 Apache Linkis subject to Remote Code Execution via deserialization

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

8.8CVSS8.8AI score0.01747EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/10/26 7:0 p.m.27 views

Apache Linkis subject to Remote Code Execution via deserialization

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

8.8CVSS8.7AI score0.01747EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/10/26 4:15 p.m.22 views

CVE-2022-39944

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

8.8CVSS0.01747EPSS
Exploits0References1
OSV
OSV
added 2022/10/26 4:15 p.m.14 views

CVE-2022-39944

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

8.8CVSS8.9AI score
Exploits0References1
Prion
Prion
added 2022/10/26 4:15 p.m.20 views

Deserialization of untrusted data

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

6.5CVSS8.9AI score0.01747EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/26 12:0 a.m.7 views

CVE-2022-39944 The Apache Linkis JDBC EngineConn module has a RCE Vulnerability

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

8.9AI score0.01747EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/26 12:0 a.m.27 views

CVE-2022-39944 The Apache Linkis JDBC EngineConn module has a RCE Vulnerability

In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...

9.1AI score0.01747EPSS
Exploits0References1
CVE
CVE
added 2022/10/26 12:0 a.m.87 views

CVE-2022-39944

Summary: CVE-2022-39944 affects Apache Linkis <= 1.2.0 when used with MySQL Connector/J, enabling a deserialization vulnerability that can lead to remote code execution if an attacker has write access to a database and provides malicious parameters in a JDBC EC with a MySQL data source. The is...

8.8CVSS8.9AI score0.01747EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2022/09/09 7:12 a.m.3 views

mysql-connector-java: unauthorized access to critical

MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...

7.9CVSS7.2AI score0.07318EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/08/04 4:46 a.m.4 views

mysql-connector-java: unauthorized access to critical

MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...

7.9CVSS7.2AI score0.07318EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.171 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update

A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

10CVSS7.1AI score0.77735EPSS
Exploits48References61
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.3 views

mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

6.6CVSS7.3AI score0.0132EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.2 views

mysql-connector-java: unauthorized access to critical

MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...

7.9CVSS7.2AI score0.07318EPSS
Exploits1References5
ALT Linux
ALT Linux
added 2022/07/06 12:0 a.m.58 views

Security fix for the ALT Linux 10 package mysql-connector-odbc version 8.0.29-alt1

8.0.29-alt1 built July 6, 2022 Nikolai Kostrigin in task 303150 --- May 12, 2022 Nikolai Kostrigin - New version fixes: CVE-2022-0778...

5CVSS3.5AI score0.70561EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2022/06/06 3:54 p.m.3 views

mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

6.6CVSS7.3AI score0.0132EPSS
Exploits0References5
Veracode
Veracode
added 2022/06/02 9:0 p.m.26 views

Privilege Escalation

mysql-connector is vulnerable to privilege escalation. An attacker can exploit the vulnerability and takeover the MySQL Connectors...

6.6CVSS7.9AI score0.0132EPSS
Exploits0References8Affected Software26
vulnersOsv
vulnersOsv
added 2022/05/24 7:18 p.m.4 views

ai.hyacinth.framework:core-service-jpa-support (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-trigger-server (>=0.5.0 <=0.5.24) +3407 more potentially affected by CVE-2021-2471 via mysql:mysql-connector-java (>=8.0.11 <=8.0.26)

mysql:mysql-connector-java MAVEN version =8.0.11, =0.5.0, =0.5.0, =4.2.6, =j8.2.2.0, =Greenwich.SR1, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =2023.11.24.141218-03579...

7.9CVSS6.8AI score0.07318EPSS
Exploits1
Rows per page
Query Builder