VDB

GCVE-VVD-MAGEIA-2017-382

GCVE-VVD-MAGEIA-2017-382
Advisory Published
Vulnetix · Advisory published October 24, 2017
Thijs Alkemade discovered that unexpected automatic deserialisation of Java objects in the MySQL Connector/J JDBC driver may result in the execution of arbitary code (CVE-2017-3523). Two vulnerabilities have been found in the MySQL Connector/J JDBC driver (CVE-2017-3586, CVE-2017-3589).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiamysql-connector-java0 (affected), 5.1.42-1.mga5 (unaffected)
Mageiamysql-connector-java0 (affected), 5.1.42-1.mga6 (unaffected)

Aliases

CVE-2017-3523CVE-2017-3586CVE-2017-3589

Transitive aliases

OPENSUSE-SU-2024:11071-1GSD-2017-3523EUVD-2022-3587EUVD-2022-4838VVD-CISA-2017-3586GHSA-cjcf-wm2p-59h5CNVD-2017-06631VVD-CISA-2017-3523EUVD-2022-2076SUSE-SU-2017:2591-1GHSA-2xxh-f8r3-hvvrVVD-CISA-2017-3589GHSA-pwh7-92h3-mqr6

References

Updated mysql-connector-java packages fix security vulnerabilities
advisory
Updated mysql-connector-java packages fix security vulnerabilities
advisory
Updated mysql-connector-java packages fix security vulnerabilities
advisory
Updated mysql-connector-java packages fix security vulnerabilities
issue
Updated mysql-connector-java packages fix security vulnerabilities
issue
Updated mysql-connector-java packages fix security vulnerabilities
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›