Lucene search
Veracode Vulnerability DatabaseVERACODE:43925HistoryOct 20, 2023 - 9:40 a.m.
Remote Code Execution (RCE)
2023-10-2009:40:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
267
rce
mysql-connector-java
connectionurl.java
arbitrary code execution
software
0.001 Low
EPSS
Percentile
37.9%
mysql-connector-java is vulnerable to Remote Code Execution. The vulnerability is due to not sanitizing the propertiesTransformClassName when instantiated or not in setupPropertiesTransformer in the ConnectionUrl.java file. This potentially leads to Arbitrary Code Execution .
| CPE | Name | Operator | Version |
|---|---|---|---|
| mysql connector/j | le | 8.0.32 | |
| mysql connector/j | le | 8.0.32 |
Related
prion
prion
Design/Logic Flaw
2023-04-18 20:15:00
f5
f5
K000134573 : MySQL vulnerability CVE-2023-21971
2023-05-11 00:00:00
openvas
openvas
openSUSE: Security Advisory for mysql (SUSE-SU-2023:2979-1)
2024-03-04 00:00:00
cnvd
cnvd
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2023-65518)
2023-04-21 00:00:00
nessus
nessus
openSUSE 15 Security Update : mysql-connector-java (SUSE-SU-2023:2241-1)
2023-05-19 00:00:00
openSUSE 15 Security Update : mysql-connector-java (SUSE-SU-2023:2979-1)
2023-07-27 00:00:00
Oracle MySQL Java Connectors (Apr 2023 CPU)
2023-04-19 00:00:00
redhatcve
redhatcve
CVE-2023-21971
2023-05-09 20:21:28
cvelist
cvelist
CVE-2023-21971
2023-04-18 19:54:35
cve
cve
CVE-2023-21971
2023-04-18 20:15:16
freebsd
freebsd
MySQL -- Multiple vulnerabilities
2023-04-19 00:00:00
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00