{"affected":[{"ecosystem_specific":{"binaries":[{"mysql-connector-java":"9.3.0-160000.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"mysql-connector-java","purl":"pkg:rpm/opensuse/mysql-connector-java&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.3.0-160000.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mysql-connector-java fixes the following issues:\n\n- Upgrade to Version 9.3.0\n  - CVE-2025-30706: Fixed Connector/J vulnerability (bsc#1241693)\n  - Updatable ResultSet fails with 'Parameter index out of range'.\n  - Fixed Resultset UPDATE methods not checking validity of ResultSet.\n  - DatabaseMetaData clean up.\n  - Fixed implement missing methods in DatabaseMetaDataUsingInfoSchema.\n  - Fixed procedure execution failing when the parameter name contains escape character.\n  - Fixed allow only Krb5LoginModule in Kerberos authentication.\n  - Fixed EXECUTE on CallableStatement resulting in ArrayIndexOutOfBoundsException.\n  - Mysql connector use an uneffective way to match numericValue.\n  - Fixed parameter index validation not proper in CallableStatement\n","id":"openSUSE-SU-2025-20089-1","modified":"2025-11-26T08:12:25Z","published":"2025-11-26T08:12:25Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1241693"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-30706"}],"related":["CVE-2025-30706"],"summary":"Security update for mysql-connector-java","upstream":["CVE-2025-30706"]}