Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/414166?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/414166?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.10", "type": "maven", "namespace": "mysql", "name": "mysql-connector-java", "version": "5.1.10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6964?format=api", "vulnerability_id": "VCID-64jf-vnpj-u7fk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77549", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77623", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77631", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77617", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190423-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190423-0002" }, { "reference_url": "https://snyk.io/vuln/SNYK-JAVA-MYSQL-174574", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JAVA-MYSQL-174574" }, { "reference_url": "http://www.securityfocus.com/bid/107925", "reference_id": "107925", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/" } ], "url": "http://www.securityfocus.com/bid/107925" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703402", "reference_id": "1703402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703402" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "cpuapr2019-5072813.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2692", "reference_id": "CVE-2019-2692", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2692" }, { "reference_url": "https://github.com/advisories/GHSA-jcq3-cprp-m333", "reference_id": "GHSA-jcq3-cprp-m333", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jcq3-cprp-m333" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190423-0002/", "reference_id": "ntap-20190423-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190423-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/16710?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@8.0.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-mm5k-xf1m-fbda" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.16" } ], "aliases": [ "CVE-2019-2692", "GHSA-jcq3-cprp-m333" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64jf-vnpj-u7fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181719?format=api", "vulnerability_id": "VCID-6zmh-83cx-6fa3", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2575.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2575.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2575", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83163", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83158", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83167", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83097", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2575", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-2575" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20150417-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20150417-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20150417-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20150417-0003/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3621", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3621" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212764", "reference_id": "1212764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212764" }, { "reference_url": "https://github.com/advisories/GHSA-gc43-g62c-99g2", "reference_id": "GHSA-gc43-g62c-99g2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gc43-g62c-99g2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/385808?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-hqef-xmma-zue7" }, { "vulnerability": "VCID-jrq4-25yz-ubfh" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-r6yu-stdr-t3dj" }, { "vulnerability": "VCID-s9p1-kn2y-w3cu" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-vmwb-jmqz-wqca" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.35" } ], "aliases": [ "CVE-2015-2575", "GHSA-gc43-g62c-99g2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zmh-83cx-6fa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8475?format=api", "vulnerability_id": "VCID-7yak-bp2g-s3hb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.6415", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.64263", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.64266", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.64253", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014", "reference_id": "1851014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014" }, { "reference_url": "https://security.gentoo.org/glsa/202105-27", "reference_id": "202105-27", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://security.gentoo.org/glsa/202105-27" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/", "reference_id": "4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "cpuapr2020.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "cpujan2022.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934", "reference_id": "CVE-2020-2934", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4703", "reference_id": "dsa-4703", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4703" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/", "reference_id": "MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:45Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4960", "reference_id": "RHSA-2020:4960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4961", "reference_id": "RHSA-2020:4961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/432376?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.49", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.49" }, { "url": "http://public2.vulnerablecode.io/api/packages/458661?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@8.0.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mm5k-xf1m-fbda" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.20" } ], "aliases": [ "CVE-2020-2934" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7yak-bp2g-s3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3474?format=api", "vulnerability_id": "VCID-hqef-xmma-zue7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74531", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74615", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74616", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74603", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3589" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3586", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3586" }, { "reference_url": "http://www.securitytracker.com/id/1038287", "reference_id": "1038287", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/" } ], "url": "http://www.securitytracker.com/id/1038287" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444406", "reference_id": "1444406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444406" }, { "reference_url": "http://www.securityfocus.com/bid/97784", "reference_id": "97784", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/" } ], "url": "http://www.securityfocus.com/bid/97784" }, { "reference_url": "http://www.securityfocus.com/bid/97982", "reference_id": "97982", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/" } ], "url": "http://www.securityfocus.com/bid/97982" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "reference_id": "cpuapr2017-3236618.html", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3857", "reference_id": "dsa-3857", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:34Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3857" }, { "reference_url": "https://github.com/advisories/GHSA-pwh7-92h3-mqr6", "reference_id": "GHSA-pwh7-92h3-mqr6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pwh7-92h3-mqr6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/384898?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-jrq4-25yz-ubfh" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-r6yu-stdr-t3dj" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.42" } ], "aliases": [ "CVE-2017-3586", "GHSA-pwh7-92h3-mqr6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hqef-xmma-zue7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8460?format=api", "vulnerability_id": "VCID-jrq4-25yz-ubfh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2875.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2875.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2875", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72281", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72371", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0069", "scoring_system": "epss", "scoring_elements": "0.72363", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019", "reference_id": "1851019", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019" }, { "reference_url": "https://security.gentoo.org/glsa/202105-27", "reference_id": "202105-27", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://security.gentoo.org/glsa/202105-27" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/", "reference_id": "4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "cpuapr2020.html", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875", "reference_id": "CVE-2020-2875", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4703", "reference_id": "dsa-4703", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4703" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/", "reference_id": "MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:02:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4960", "reference_id": "RHSA-2020:4960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4961", "reference_id": "RHSA-2020:4961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/432376?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.49", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.49" }, { "url": "http://public2.vulnerablecode.io/api/packages/391153?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@8.0.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-mm5k-xf1m-fbda" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.15" } ], "aliases": [ "CVE-2020-2875" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrq4-25yz-ubfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5463?format=api", "vulnerability_id": "VCID-kau8-d48b-e3hp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3258.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3258.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-3258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04126", "scoring_system": "epss", "scoring_elements": "0.88928", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04126", "scoring_system": "epss", "scoring_elements": "0.88922", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04126", "scoring_system": "epss", "scoring_elements": "0.88884", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-3258" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3258", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3258" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181018-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20181018-0002" }, { "reference_url": "http://www.securitytracker.com/id/1041888", "reference_id": "1041888", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/" } ], "url": "http://www.securitytracker.com/id/1041888" }, { "reference_url": "http://www.securityfocus.com/bid/105589", "reference_id": "105589", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/" } ], "url": "http://www.securityfocus.com/bid/105589" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1640615", "reference_id": "1640615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1640615" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "cpuoct2018-4428296.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "https://github.com/advisories/GHSA-4vrv-ch96-6h42", "reference_id": "GHSA-4vrv-ch96-6h42", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4vrv-ch96-6h42" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20181018-0002/", "reference_id": "ntap-20181018-0002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20181018-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1545", "reference_id": "RHSA-2019:1545", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4366", "reference_id": "RHSA-2020:4366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4366" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/386286?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@8.0.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-jrq4-25yz-ubfh" }, { "vulnerability": "VCID-mm5k-xf1m-fbda" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.13" } ], "aliases": [ "CVE-2018-3258", "GHSA-4vrv-ch96-6h42" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kau8-d48b-e3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8474?format=api", "vulnerability_id": "VCID-r6yu-stdr-t3dj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.73163", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.73254", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.73256", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.7324", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-2933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022", "reference_id": "1851022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022" }, { "reference_url": "https://security.gentoo.org/glsa/202105-27", "reference_id": "202105-27", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://security.gentoo.org/glsa/202105-27" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/", "reference_id": "4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "cpuapr2020.html", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933", "reference_id": "CVE-2020-2933", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4703", "reference_id": "dsa-4703", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://www.debian.org/security/2020/dsa-4703" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/", "reference_id": "MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4960", "reference_id": "RHSA-2020:4960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4961", "reference_id": "RHSA-2020:4961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4961" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/432376?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.49", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.49" } ], "aliases": [ "CVE-2020-2933" ], "risk_score": 1.0, "exploitability": "0.5", "weighted_severity": "2.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r6yu-stdr-t3dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3475?format=api", "vulnerability_id": "VCID-s9p1-kn2y-w3cu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3589.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3589.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37541", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3773", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37743", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37719", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3589" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3589" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3589", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3589" }, { "reference_url": "http://www.securitytracker.com/id/1038287", "reference_id": "1038287", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/" } ], "url": "http://www.securitytracker.com/id/1038287" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444407", "reference_id": "1444407", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444407" }, { "reference_url": "http://www.securityfocus.com/bid/97836", "reference_id": "97836", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/" } ], "url": "http://www.securityfocus.com/bid/97836" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "reference_id": "cpuapr2017-3236618.html", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3857", "reference_id": "dsa-3857", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:31Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3857" }, { "reference_url": "https://github.com/advisories/GHSA-cjcf-wm2p-59h5", "reference_id": "GHSA-cjcf-wm2p-59h5", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cjcf-wm2p-59h5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/384898?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-jrq4-25yz-ubfh" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-r6yu-stdr-t3dj" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.42" } ], "aliases": [ "CVE-2017-3589", "GHSA-cjcf-wm2p-59h5" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9p1-kn2y-w3cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149408?format=api", "vulnerability_id": "VCID-u8c1-449f-7qfx", "summary": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03493", "scoring_system": "epss", "scoring_elements": "0.87915", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.03493", "scoring_system": "epss", "scoring_elements": "0.87917", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03493", "scoring_system": "epss", "scoring_elements": "0.8791", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03493", "scoring_system": "epss", "scoring_elements": "0.87869", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22102" }, { "reference_url": "https://github.com/mysql/mysql-connector-j", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mysql/mysql-connector-j" }, { "reference_url": "https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mysql/mysql-connector-j/compare/8.1.0...8.2.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22102", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22102" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0007" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256474", "reference_id": "2256474", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256474" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2023.html", "reference_id": "cpuoct2023.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "8.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "reference_url": "https://github.com/advisories/GHSA-m6vm-37g8-gqvh", "reference_id": "GHSA-m6vm-37g8-gqvh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m6vm-37g8-gqvh" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0007/", "reference_id": "ntap-20231027-0007", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T15:27:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0007/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-22102", "GHSA-m6vm-37g8-gqvh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8c1-449f-7qfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3468?format=api", "vulnerability_id": "VCID-vmwb-jmqz-wqca", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3523.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3523.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01646", "scoring_system": "epss", "scoring_elements": "0.82386", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01646", "scoring_system": "epss", "scoring_elements": "0.82451", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01646", "scoring_system": "epss", "scoring_elements": "0.82457", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01646", "scoring_system": "epss", "scoring_elements": "0.82447", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3523" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3523", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3523" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:S/C:P/I:P/A:P" }, { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3523" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444759", "reference_id": "1444759", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444759" }, { "reference_url": "http://www.securityfocus.com/bid/97982", "reference_id": "97982", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:40Z/" } ], "url": "http://www.securityfocus.com/bid/97982" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "reference_id": "cpuapr2017-3236618.html", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:40Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3840", "reference_id": "dsa-3840", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:40Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3840" }, { "reference_url": "https://github.com/advisories/GHSA-2xxh-f8r3-hvvr", "reference_id": "GHSA-2xxh-f8r3-hvvr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2xxh-f8r3-hvvr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/386087?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@5.1.41", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-64jf-vnpj-u7fk" }, { "vulnerability": "VCID-7yak-bp2g-s3hb" }, { "vulnerability": "VCID-hqef-xmma-zue7" }, { "vulnerability": "VCID-jrq4-25yz-ubfh" }, { "vulnerability": "VCID-kau8-d48b-e3hp" }, { "vulnerability": "VCID-r6yu-stdr-t3dj" }, { "vulnerability": "VCID-s9p1-kn2y-w3cu" }, { "vulnerability": "VCID-u8c1-449f-7qfx" }, { "vulnerability": "VCID-x22p-qd85-hbar" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.41" } ], "aliases": [ "CVE-2017-3523", "GHSA-2xxh-f8r3-hvvr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vmwb-jmqz-wqca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/169596?format=api", "vulnerability_id": "VCID-x22p-qd85-hbar", "summary": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21363.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73766", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73676", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73751", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73767", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21363" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343", "reference_id": "2047343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047343" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "cpujan2022.html", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-24T17:38:01Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363", "reference_id": "CVE-2022-21363", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21363" }, { "reference_url": "https://github.com/advisories/GHSA-g76j-4cxx-23h9", "reference_id": "GHSA-g76j-4cxx-23h9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g76j-4cxx-23h9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4623", "reference_id": "RHSA-2022:4623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5532", "reference_id": "RHSA-2022:5532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6813", "reference_id": "RHSA-2022:6813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6813" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18737?format=api", "purl": "pkg:maven/mysql/mysql-connector-java@8.0.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-u8c1-449f-7qfx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@8.0.28" } ], "aliases": [ "CVE-2022-21363", "GHSA-g76j-4cxx-23h9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x22p-qd85-hbar" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/mysql/mysql-connector-java@5.1.10" }