Candidate: CVE-2018-3258
PublicDate: 2018-10-17 01:31:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3258
 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
 http://www.securitytracker.com/id/1041888
 https://security.netapp.com/advisory/ntap-20181018-0002/
Description:
 Vulnerability in the MySQL Connectors component of Oracle MySQL
 (subcomponent: Connector/J). Supported versions that are affected are
 8.0.12 and prior. Easily exploitable vulnerability allows low privileged
 attacker with network access via multiple protocols to compromise MySQL
 Connectors. Successful attacks of this vulnerability can result in takeover
 of MySQL Connectors. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity
 and Availability impacts). CVSS Vector:
 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_mysql-connector-java:
upstream_mysql-connector-java: not-affected (affects 8.x only)
precise/esm_mysql-connector-java: DNE
trusty_mysql-connector-java: ignored (out of standard support)
trusty/esm_mysql-connector-java: not-affected (affects 8.x only)
xenial_mysql-connector-java: not-affected (affects 8.x only)
bionic_mysql-connector-java: not-affected (affects 8.x only)
cosmic_mysql-connector-java: ignored (reached end-of-life)
disco_mysql-connector-java: DNE
devel_mysql-connector-java: DNE