Intel/AIKIDO-2025-10068
mysql-connector-java
AIKIDO-2025-10068
mysql-connector-java is vulnerable to Remote code execution
Remote code executionCVE-2023-22102 Published Feb 3, 2025
75
High Risk
This Affects:
mysql-connector-java0.0.1 - 8.0.33
Are you affected? Scan for Free
TL;DR
MySQL Connectors takeover vulnerability
Who does this affect?
Attacker must have network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker.
Background info
mysql-connector-java is vulnerable to Remote code execution in versions 0.0.1 - 8.0.33.
How to fix this
The namespace of this package has been changed on Maven to https://mvnrepository.com/artifact/com.mysql/mysql-connector-j. Upgrade to at least version 8.2.0 of this new package.
Links
github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGEShttps://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES
security.netapp.com/advisory/ntap-20231027-0007/https://security.netapp.com/advisory/ntap-20231027-0007/
oracle.com/security-alerts/cpuoct2023.htmlhttps://www.oracle.com/security-alerts/cpuoct2023.html
Are You Affected?
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
Resources
Industries
Use Cases
Compare
© 2026 Aikido Security BV | BE0792914919
Keizer Karelstraat 15, 9000, Ghent, Belgium
95 Third St, 2nd Fl, San Francisco, CA 94103, US
Unit 6.15 Runway East 18 18 Crucifix Ln, London SE1 3JW UK
Ghent, Belgium | San Francisco, US
SOC 2Compliant
ISO 27001Compliant