Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/mysql/mysql-connector-java@8.0.25

Type maven

Namespace mysql

Name mysql-connector-java

Version 8.0.25

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-4w4j-hadb-w3e6

vulnerability_id VCID-4w4j-hadb-w3e6

summary

Uncontrolled Resource Consumption
Vulnerability in the MySQL Connectors product of Oracle MySQL. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DoS) of MySQL Connectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2471.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2471.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-2471

reference_id

reference_type

scores

value	0.63823
scoring_system	epss
scoring_elements	0.9843
published_at	2026-04-21T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98411
published_at	2026-04-01T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98413
published_at	2026-04-02T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98416
published_at	2026-04-04T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98419
published_at	2026-04-07T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98422
published_at	2026-04-08T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98423
published_at	2026-04-09T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98426
published_at	2026-04-13T12:55:00Z

value	0.63823
scoring_system	epss
scoring_elements	0.98431
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-2471

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:14Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:14Z/

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2020583
reference_id	2020583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2020583

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-2471

reference_id

CVE-2021-2471

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-2471

reference_url

https://github.com/advisories/GHSA-w6f2-8wx4-47r5

reference_id

GHSA-w6f2-8wx4-47r5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w6f2-8wx4-47r5

reference_url	https://access.redhat.com/errata/RHSA-2022:0589
reference_id	RHSA-2022:0589
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0589

reference_url	https://access.redhat.com/errata/RHSA-2022:1013
reference_id	RHSA-2022:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1013

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5903
reference_id	RHSA-2022:5903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5903

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

fixed_packages

url pkg:maven/mysql/mysql-connector-java@8.0.27

purl pkg:maven/mysql/mysql-connector-java@8.0.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-e37q-8shh-v7aw

vulnerability	VCID-xap5-du1j-c7ed

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.27

aliases CVE-2021-2471, GHSA-w6f2-8wx4-47r5

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4w4j-hadb-w3e6

url VCID-e37q-8shh-v7aw

vulnerability_id VCID-e37q-8shh-v7aw

summary

Unknown Vulnerability
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21363

reference_id

reference_type

scores

value	0.01012
scoring_system	epss
scoring_elements	0.77159
published_at	2026-04-21T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77123
published_at	2026-04-09T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.7715
published_at	2026-04-11T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77129
published_at	2026-04-12T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77125
published_at	2026-04-13T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77166
published_at	2026-04-16T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77167
published_at	2026-04-18T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77069
published_at	2026-04-02T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77098
published_at	2026-04-04T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77081
published_at	2026-04-07T12:55:00Z

value	0.01012
scoring_system	epss
scoring_elements	0.77113
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21363

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-24T17:38:01Z/

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2047343
reference_id	2047343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2047343

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-21363

reference_id

CVE-2022-21363

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-21363

reference_url

https://github.com/advisories/GHSA-g76j-4cxx-23h9

reference_id

GHSA-g76j-4cxx-23h9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g76j-4cxx-23h9

reference_url	https://access.redhat.com/errata/RHSA-2022:4623
reference_id	RHSA-2022:4623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4623

reference_url	https://access.redhat.com/errata/RHSA-2022:4918
reference_id	RHSA-2022:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4918

reference_url	https://access.redhat.com/errata/RHSA-2022:4919
reference_id	RHSA-2022:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4919

reference_url	https://access.redhat.com/errata/RHSA-2022:4922
reference_id	RHSA-2022:4922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4922

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

fixed_packages

url pkg:maven/mysql/mysql-connector-java@8.0.28

purl pkg:maven/mysql/mysql-connector-java@8.0.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xap5-du1j-c7ed

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.28

aliases CVE-2022-21363, GHSA-g76j-4cxx-23h9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e37q-8shh-v7aw

url

VCID-xap5-du1j-c7ed

vulnerability_id

VCID-xap5-du1j-c7ed

summary

Improper Access Control
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-22102

reference_id

reference_type

scores

value	0.03493
scoring_system	epss
scoring_elements	0.87608
published_at	2026-04-21T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87549
published_at	2026-04-02T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87562
published_at	2026-04-04T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87565
published_at	2026-04-07T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87584
published_at	2026-04-08T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.8759
published_at	2026-04-09T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87601
published_at	2026-04-11T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87597
published_at	2026-04-12T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87594
published_at	2026-04-13T12:55:00Z

value	0.03493
scoring_system	epss
scoring_elements	0.87609
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-22102

reference_url

https://github.com/mysql/mysql-connector-j

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mysql/mysql-connector-j

reference_url

https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0

reference_url

https://security.netapp.com/advisory/ntap-20231027-0007

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231027-0007

reference_url

https://security.netapp.com/advisory/ntap-20231027-0007/

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/

url

https://security.netapp.com/advisory/ntap-20231027-0007/

reference_url

https://www.oracle.com/security-alerts/cpuoct2023.html

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/

url

https://www.oracle.com/security-alerts/cpuoct2023.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2256474
reference_id	2256474
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2256474

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-22102

reference_id

CVE-2023-22102

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	8.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-22102

reference_url

https://github.com/advisories/GHSA-m6vm-37g8-gqvh

reference_id

GHSA-m6vm-37g8-gqvh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m6vm-37g8-gqvh

fixed_packages

aliases

CVE-2023-22102, GHSA-m6vm-37g8-gqvh

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-xap5-du1j-c7ed

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.25

Package Instance