OESA-2024-1103

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1103
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-1103.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2024-1103
Upstream
Published
2024-01-26T11:06:51Z
Modified
2025-08-12T05:07:39.206825Z
Summary
mysql-connector-java security update
Details

Official JDBC driver for MySQL.

Security Fix(es):

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).(CVE-2021-2471)

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).(CVE-2022-21363)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe1

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe1.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP4 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe2003sp4

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe2003sp4.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe2003sp4.noarch.rpm"
    ]
}

openEuler:22.03-LTS / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe2203sp3

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe2203.src.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp1.src.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp2.src.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp3.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe2203.noarch.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp1.noarch.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp2.noarch.rpm",
        "mysql-connector-java-8.0.30-1.oe2203sp3.noarch.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe2203sp1

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe2203sp1.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe2203sp1.noarch.rpm"
    ]
}

openEuler:22.03-LTS-SP2 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-22.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe2203sp2

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe2203sp2.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe2203sp2.noarch.rpm"
    ]
}

openEuler:22.03-LTS-SP3 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/openEuler/mysql-connector-java&distro=openEuler-22.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.30-1.oe2203sp3

Ecosystem specific 

{
    "src": [
        "mysql-connector-java-8.0.30-1.oe2203sp3.src.rpm"
    ],
    "noarch": [
        "mysql-connector-java-8.0.30-1.oe2203sp3.noarch.rpm"
    ]
}