Code Intelligence Finds Vulnerability in MySQL JDBC Driver - CVE-2023-21971
Affected applications are at a higher risk of severe availability issues.
Bonn, Germany, April 21st, 2023 - As part of Code Intelligence’s ongoing efforts to improve the security of open-source software it continuously tests open-source projects with its JVM fuzzing engine, Jazzer, in Google’s OSS-Fuzz. Today Code Intelligence uncovered a new vulnerability in MySQL Connector/J (CVE-2023-21971). MySQL Connector/J is an Oracle JDBC driver that can be used to interact with MySQL databases from Java applications. The discovered vulnerability allows attackers to compromise MySQL connectors. Oracle has issued a critical path update which fixes this vulnerability.
More details on the vulnerability, along with affected versions and mitigation steps, can be found in Code Intelligence’s blog on the topic.
Sources:
About Code Intelligence:
Founded in 2018 by Sergej Dechand, Khaled Yakdan, and Matthew Smith, Code Intelligence offers an automated software security platform that helps developers ship more secure code. The startup strongly focuses on securing memory-safe languages widely used in the industry. To this end, it develops and maintains the leading fuzzing engines for Java and JavaScript. It also contributed several improvements to fuzzing in Golang, which have been integrated into the language, benefiting all Go developers. Code Intelligence is trusted by Google, Deutsche Telekom, Bosch, and CARIAD, amongst others.
Media Kit
Link
Media Contact
press@code-intelligence.com
Related Articles
Code Intelligence Raises $12M for Dev-First Security
We are thrilled to announce that we secured Series A funding of $12 Million and welcome Thomas Dohmke, CEO of GitHub as our new business angel.
Our Log4j Bug Detectors Are Now in Google’s OSS-Fuzz
Code Intelligence implemented bug detectors for Remote Code Execution Vulnerabilities (RCEs) into Google’s open-source fuzzing framework, OSS-Fuzz.
Open-Source: Jazzer Fixes 19 Bugs in Jsoup
With Jazzer, we were able to find over 19 Bugs in Jsoup. Jsoup is a popular open-source library used to parse, extract and manipulate data stored in HTML.