CVE: 2019-2692 found in MySQL Connector/J - Version: 5.1.35 [JAVA]

[github-actions]

Veracode Software Composition Analysis

Attribute	Details
Library	MySQL Connector/J
Description	JDBC Type 4 driver for MySQL
Language	JAVA
Vulnerability	Authorization Bypass
Vulnerability description	mysql-connector-java is vulnerable to authorization bypass. A difficult-to-exploit vulnerability allows a high-privileged attacker to bypass authorization, compromise the MySQL connectors and obtain full control over the connectors.
CVE	2019-2692
CVSS score	3.5
Vulnerability present in version/s	2.0.14-8.0.15
Found library version/s	5.1.35
Vulnerability fixed in version	8.0.16
Library latest version	8.0.30
Fix

Links:

• https://sca.analysiscenter.veracode.com/vulnerability-database/libraries/1834?version=5.1.35
• https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/20694
• Patch: