openSUSE-SU-2025:20089-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:20089-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2025:20089-1
Upstream
  • CVE-2025-30706
Related
  • CVE-2025-30706
Published
2025-11-26T08:12:25Z
Modified
2026-03-23T04:54:16.806830Z
Summary
Security update for mysql-connector-java
Details

This update for mysql-connector-java fixes the following issues:

  • Upgrade to Version 9.3.0
    • CVE-2025-30706: Fixed Connector/J vulnerability (bsc#1241693)
    • Updatable ResultSet fails with 'Parameter index out of range'.
    • Fixed Resultset UPDATE methods not checking validity of ResultSet.
    • DatabaseMetaData clean up.
    • Fixed implement missing methods in DatabaseMetaDataUsingInfoSchema.
    • Fixed procedure execution failing when the parameter name contains escape character.
    • Fixed allow only Krb5LoginModule in Kerberos authentication.
    • Fixed EXECUTE on CallableStatement resulting in ArrayIndexOutOfBoundsException.
    • Mysql connector use an uneffective way to match numericValue.
    • Fixed parameter index validation not proper in CallableStatement
References

Affected packages

openSUSE:Leap 16.0 / mysql-connector-java

Package

Name
mysql-connector-java
Purl
pkg:rpm/opensuse/mysql-connector-java&distro=openSUSE%20Leap%2016.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.3.0-160000.1.1

Ecosystem specific 

{
    "binaries": [
        {
            "mysql-connector-java": "9.3.0-160000.1.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:20089-1.json"