CVE: 2019-2692 found in MySQL Connector/J - Version: 5.1.35 [JAVA] #835
Description
Veracode Software Composition Analysis
| Attribute | Details |
|---|---|
| Library | MySQL Connector/J |
| Description | JDBC Type 4 driver for MySQL |
| Language | JAVA |
| Vulnerability | Authorization Bypass |
| Vulnerability description | mysql-connector-java is vulnerable to authorization bypass. A difficult-to-exploit vulnerability allows a high-privileged attacker to bypass authorization, compromise the MySQL connectors and obtain full control over the connectors. |
| CVE | 2019-2692 |
| CVSS score | 3.5 |
| Vulnerability present in version/s | 2.0.14-8.0.15 |
| Found library version/s | 5.1.35 |
| Vulnerability fixed in version | 8.0.16 |
| Library latest version | 8.0.30 |
| Fix |
Links: