314 matches found
CVE-2022-44645
CVE-2022-44645 affects Apache Linkis
PT-2023-1346 · Apache +1 · Apache Linkis +1
Name of the Vulnerable Software and Affected Versions: Apache Linkis versions prior to 1.3.1 Description: The issue is related to insufficient protection of service data when handling the allowLoadLocalInfile parameter with a value of true in the MySQL Connector/J component of Apache Linkis. This...
OESA-2022-2076 mysql-connector-java security update
MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...
GHSA-3F3W-GMQF-4HJ3 Apache Linkis subject to Remote Code Execution via deserialization
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
Apache Linkis subject to Remote Code Execution via deserialization
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
CVE-2022-39944
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
CVE-2022-39944
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
Deserialization of untrusted data
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
CVE-2022-39944 The Apache Linkis JDBC EngineConn module has a RCE Vulnerability
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
CVE-2022-39944 The Apache Linkis JDBC EngineConn module has a RCE Vulnerability
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
CVE-2022-39944
Summary: CVE-2022-39944 affects Apache Linkis <= 1.2.0 when used with MySQL Connector/J, enabling a deserialization vulnerability that can lead to remote code execution if an attacker has write access to a database and provides malicious parameters in a JDBC EC with a MySQL data source. The is...
mysql-connector-java: unauthorized access to critical
MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...
mysql-connector-java: unauthorized access to critical
MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...
Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update
A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...
mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...
mysql-connector-java: unauthorized access to critical
MySQL Connector/J has no security check when external general entities are included in XML sources, consequently, there exists an XML External EntityXXE vulnerability. A successful attack can access critical data and gain full control/access to all MySQL Connectors' accessible data without any...
Security fix for the ALT Linux 10 package mysql-connector-odbc version 8.0.29-alt1
8.0.29-alt1 built July 6, 2022 Nikolai Kostrigin in task 303150 --- May 12, 2022 Nikolai Kostrigin - New version fixes: CVE-2022-0778...
mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...
Privilege Escalation
mysql-connector is vulnerable to privilege escalation. An attacker can exploit the vulnerability and takeover the MySQL Connectors...
ai.hyacinth.framework:core-service-jpa-support (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-trigger-server (>=0.5.0 <=0.5.24) +3407 more potentially affected by CVE-2021-2471 via mysql:mysql-connector-java (>=8.0.11 <=8.0.26)
mysql:mysql-connector-java MAVEN version =8.0.11, =0.5.0, =0.5.0, =4.2.6, =j8.2.2.0, =Greenwich.SR1, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =2023.11.24.141218-03579...