目前我们自己程序引入了oceanbase-client 1.1.10 驱动组件,在客户现场组件安全扫描时发现了
MySQL Connector/J:5.1.40 存在漏洞
咨询一下oceanbase-client版本什么版本修复了该漏洞?
另外我们还有一个程序是引入了oceanbase-client 2.4.12 驱动组件,是否存在MySQL Connector/J:5.1.40的漏洞?
| MySQL Connector/J | CVE-2021-3711 |
|---|---|
| MySQL Connector/J | CVE-2020-1967 |
| MySQL Connector/J | CVE-2021-44531 |
| MySQL Connector/J | CVE-2017-3523 |
| MySQL Connector/J | CVE-2018-3258 |
| MySQL Connector/J | CVE-2021-3450 |
| MySQL Connector/J | CVE-2021-3712 |
| MySQL Connector/J | CVE-2022-21824 |
| MySQL Connector/J | CVE-2023-22102 |
| MySQL Connector/J | CVE-2021-44532 |
| MySQL Connector/J | CVE-2017-3586 |
| MySQL Connector/J | CVE-2019-2692 |
| MySQL Connector/J | CVE-2020-2875 |
| MySQL Connector/J | CVE-2022-21363 |
| MySQL Connector/J | CVE-2021-44533 |
| MySQL Connector/J | CVE-2019-10219 |
| MySQL Connector/J | CVE-2021-3449 |
| MySQL Connector/J | CVE-2020-2934 |
| MySQL Connector/J | CVE-2017-3589 |
| MySQL Connector/J | CVE-2021-2471 |
| MySQL Connector/J | 未知 |
| MySQL Connector/J | CVE-2020-2933 |
这个是相关的漏洞编号
oceanbase-cliet 1.x 和 2.x 版本差异非常大,2.4.x 开始的开源版本并不依赖 mysql connector,所以不应该有上述 mysql 漏洞的。如果想确认一下,您可以用您那边的检测系统查一下源码 https://github.com/oceanbase/obconnector-j
1 个赞
好的 谢谢