Cx6f651376-312a @ Maven-mysql:mysql-connector-java-5.1.18 #15992
Description
Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about Cx6f651376-312a
Checkmarx Project: AsafOrgTesting/Sast-Sca-Test-Repo
Repository URL: https://github.com/AsafOrgTesting/Sast-Sca-Test-Repo
Branch: master
Scan ID: 381445f1-c79b-4b6f-9733-56cc146401f9
MySQL Connector/J before version 5.1.44 and 6.x is vulnerable to memory leak. When using cached server-side prepared statements, a memory leak occurred as references to opened statements were being kept while the statements were being decached; it happened when either the close() method has been called twice on a statement, or when there were conflicting cache entries for a statement and the older entry had not been closed and removed from the opened statement list.
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.1.45