GCVE-VVD-MAGEIA-2017-382 — Vulnetix

Try Vulnetix Request Demo

GCVE-VVD-MAGEIA-2017-382

Advisory Published

Vulnetix · Advisory published October 24, 2017

Thijs Alkemade discovered that unexpected automatic deserialisation of Java objects in the MySQL Connector/J JDBC driver may result in the execution of arbitary code (CVE-2017-3523). Two vulnerabilities have been found in the MySQL Connector/J JDBC driver (CVE-2017-3586, CVE-2017-3589).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	mysql-connector-java	0 (affected), 5.1.42-1.mga5 (unaffected)	—
Mageia	mysql-connector-java	0 (affected), 5.1.42-1.mga6 (unaffected)	—

Aliases

CVE-2017-3523 CVE-2017-3586 CVE-2017-3589

Transitive aliases

OPENSUSE-SU-2024:11071-1 GSD-2017-3523 EUVD-2022-3587 EUVD-2022-4838 VVD-CISA-2017-3586 GHSA-cjcf-wm2p-59h5 CNVD-2017-06631 VVD-CISA-2017-3523 EUVD-2022-2076 SUSE-SU-2017:2591-1 GHSA-2xxh-f8r3-hvvr VVD-CISA-2017-3589 GHSA-pwh7-92h3-mqr6

References

Updated mysql-connector-java packages fix security vulnerabilities

advisory

Updated mysql-connector-java packages fix security vulnerabilities

advisory

Updated mysql-connector-java packages fix security vulnerabilities

advisory

Updated mysql-connector-java packages fix security vulnerabilities

issue

Updated mysql-connector-java packages fix security vulnerabilities

issue

Updated mysql-connector-java packages fix security vulnerabilities

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON