False positive: MySQL JDBC driver reported as cpe:/a:mysql:mysql
See original GitHub issueFalse positive :
- reported by
dependency-check-maven 3.0.1
- on library
mysql-connector-java-5.1.41.jar
- reported as
cpe:/a:mysql:mysql:5.1.41
mysql-connector-java-5.1.41.jar (cpe:/a:mysql:mysql:5.1.41, cpe:/a:oracle:connector%2fj:5.1.41, cpe:/a:sun:mysql_connector/j:5.1.41, cpe:/a:oracle:mysql:5.1.41, mysql:mysql-connector-java:5.1.41, cpe:/a:oracle:mysql_connectors:5.1.41) : ...
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.44</version>
</dependency>
https://mvnrepository.com/artifact/mysql/mysql-connector-java
Issue Analytics
- State:
- Created 6 years ago
- Reactions:1
- Comments:5 (2 by maintainers)
Top Results From Across the Web
False Positive on mysql:mysql-connector-java:8.0.23 #3208
I checked using 6.1.3 - maybe the CPE was not correct, because there are several matching: cpe:/a:mysql:mysql; cpe:/a:oracle:connector%2fj ...
Read more >MySQL Connector/J 8.0 Developer Guide :: 6.3.5 Security
Allows special handshake round-trip to get an RSA public key directly from server. Default Value, false. Since Version, 5.1.31. sslMode. By default ...
Read more >6.3.14 Debugging/Profiling - MySQL :: Developer Zone
Should the driver issue usage warnings advising proper and efficient usage of JDBC and MySQL Connector/J to the 'profilerEventHandler'?. Default Value, false.
Read more >6.3.13 Performance Extensions - MySQL :: Developer Zone
If set to "false", the driver will only communicate with the database when the requested transaction isolation is different than the whichever is...
Read more >4.4.1.3 Changes in the Connector/J API
You might need to adjust your API calls accordingly: The name of the class that implements java.sql.Driver in MySQL Connector/J has changed from...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I will look into this and try to include a patch in the next version (likely a combination of suppression and/or hint rules).
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.