Cx6f651376-312a @ Maven-mysql:mysql-connector-java-5.1.26

[srcdev888]

Vulnerable Package issue exists @ Maven-mysql:mysql-connector-java-5.1.26 in branch master

MySQL Connector/J before version 5.1.44 and 6.x is vulnerable to memory leak. When using cached server-side prepared statements, a memory leak occurred as references to opened statements were being kept while the statements were being decached; it happened when either the close() method has been called twice on a statement, or when there were conflicting cache entries for a statement and the older entry had not been closed and removed from the opened statement list.

Namespace: srcdevel1
Repository: JavaVulnerableLabv1
Repository Url: https://github.com/srcdevel1/JavaVulnerableLabv1
CxAST-Project: srcdevel1/JavaVulnerableLabv1
CxAST platform scan: 19f0f9e7-df09-4044-8007-1bf4035f4eb9
Branch: master
Application: JavaVulnerableLabv1
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-401

---

Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH

---

References
Issue
Pull request
Commit
Release Note