Replace dependency mysql:mysql-connector-java with com.mysql:mysql-connector-j#129
Open
mend-for-github-com[bot] wants to merge 1 commit into
Open
Mend for GitHub.com / Mend Security Check
failed
May 26, 2026 in 14m 34s
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2023-22102Path to dependency file: /pom.xml Path to vulnerable library: /pom.xml Dependency Hierarchy: -> ❌ mysql-connector-j-8.0.33.jar (Vulnerable Library) |
 High |
8.3 | Direct mysql-connector-j-8.0.33.jar |
mysql-connector-j-8.0.33.jar | com.mysql:mysql-connector-j:8.2.0 | None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2022-40152 | woodstox-core-5.0.3.jar |
| CVE-2020-2875 | mysql-connector-java-5.1.24.jar |
| CVE-2023-20863 | spring-expression-5.1.1.RELEASE.jar |
| CVE-2015-2575 | mysql-connector-java-5.1.24.jar |
| WS-2018-0629 | woodstox-core-5.0.3.jar |
| CVE-2025-48924 | commons-lang3-3.4.jar |
| CVE-2017-3586 | mysql-connector-java-5.1.24.jar |
| CVE-2025-41242 | spring-beans-5.0.7.RELEASE.jar |
| CVE-2023-34623 | jtidy-r938.jar |
| CVE-2020-15250 | junit-4.10.jar |
| CVE-2017-3589 | mysql-connector-java-5.1.24.jar |
| CVE-2017-3523 | mysql-connector-java-5.1.24.jar |
| CVE-2023-22102 | mysql-connector-java-5.1.24.jar |
| CVE-2023-44483 | xmlsec-2.1.4.jar |
| CVE-2023-20861 | spring-expression-5.1.1.RELEASE.jar |
| CVE-2022-22965 | spring-beans-5.0.7.RELEASE.jar |
| CVE-2020-2934 | mysql-connector-java-5.1.24.jar |
| CVE-2021-40690 | xmlsec-2.1.4.jar |
| CVE-2024-38808 | spring-expression-5.1.1.RELEASE.jar |
| CVE-2023-5072 | json-20180130.jar |
| CVE-2018-3258 | mysql-connector-java-5.1.24.jar |
| CVE-2022-45688 | json-20180130.jar |
| CVE-2022-22950 | spring-expression-5.1.1.RELEASE.jar |
| CVE-2022-21363 | mysql-connector-java-5.1.24.jar |
| CVE-2020-2933 | mysql-connector-java-5.1.24.jar |
| CVE-2022-22970 | spring-beans-5.0.7.RELEASE.jar |
| CVE-2019-2692 | mysql-connector-java-5.1.24.jar |
Base branch total remaining vulnerabilities: 56
Base branch commit: null
Total libraries scanned: 35
Scan token: 3cf5439b559c4ca1a9652de4f86be363
Loading