mysql-connector-java is vulnerable to Remote Code Execution. The vulnerability is due to not sanitizing the propertiesTransformClassName
when instantiated or not in setupPropertiesTransformer
in the ConnectionUrl.java
file. This potentially leads to Arbitrary Code Execution .
CPE | Name | Operator | Version |
---|---|---|---|
mysql connector/j | le | 8.0.32 | |
mysql connector/j | le | 8.0.32 |