ALT-PU-2026-9882-3

Package update mysql-connector-java in branch p11

Version8.2.0-alt1_1jpp17

Published2026-06-24

Max severityHIGH

Severity:

Closed issues (5)

MEDIUM5.3

Уязвимость компонента Connector/J драйвера MySQL Connectors системы управления базами данных Oracle MySQL, позволяющая нарушителю получить доступ на чтение, изменение, добавление или удаление данных

Published: 2023-05-11Modified: 2024-09-01

CVSS 3.xMEDIUM 5.3

CVSS:3.x/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H

CVSS 2.0MEDIUM 5.8

CVSS:2.0/AV:N/AC:H/Au:M/C:P/I:P/A:C

References

HIGH8.3

Уязвимость компонента Connector/J драйвера MySQL Connectors системы управления базами данных Oracle MySQL, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Published: 2023-10-24Modified: 2024-09-01

CVSS 3.xHIGH 8.3

CVSS:3.x/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.6

CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C

References

MEDIUM5.3

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H).

Published: 2023-04-18Modified: 2026-06-17

CVSS 3.xMEDIUM 5.3

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H

References

HIGH8.3

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Published: 2023-10-17Modified: 2026-06-17

CVSS 3.xHIGH 8.3

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

References

GHSA-m6vm-37g8-gqvh

HIGH8.9

MySQL Connectors takeover vulnerability

Published: 2023-10-18Modified: 2024-12-05

CVSS 3.x

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CVSS 4.0HIGH 8.9

CVSS:4.0/CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

References