CVE-2022-21363

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-21363

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-21363.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-21363

Aliases

GHSA-g76j-4cxx-23h9

Related

Withdrawn

2024-09-03T04:41:14.489768Z

Published

2022-01-19T12:15:15Z

Modified

2024-09-02T21:36:39Z

Severity

6.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

References

https://www.oracle.com/security-alerts/cpujan2022.html

Affected packages

Git / github.com/quarkusio/quarkus

Affected ranges

Type: GIT
Repo: https://github.com/quarkusio/quarkus
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6378c69703a485f55b3d221493b5f1e3cfdf9003