Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/mysql-connector-python@8.0.32
Typepypi
Namespace
Namemysql-connector-python
Version8.0.32
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.1.0
Latest_non_vulnerable_version9.1.0
Affected_by_vulnerabilities
0
url VCID-a738-ctkd-f3b4
vulnerability_id VCID-a738-ctkd-f3b4
summary 
Uncontrolled Ressource Consumption
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DoS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21971.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21971.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-21971
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.346
published_at 2026-04-02T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.34542
published_at 2026-04-16T12:55:00Z
2
value 0.00143
scoring_system epss
scoring_elements 0.34627
published_at 2026-04-04T12:55:00Z
3
value 0.00143
scoring_system epss
scoring_elements 0.34494
published_at 2026-04-07T12:55:00Z
4
value 0.00143
scoring_system epss
scoring_elements 0.34537
published_at 2026-04-08T12:55:00Z
5
value 0.00143
scoring_system epss
scoring_elements 0.34566
published_at 2026-04-09T12:55:00Z
6
value 0.00143
scoring_system epss
scoring_elements 0.34568
published_at 2026-04-11T12:55:00Z
7
value 0.00143
scoring_system epss
scoring_elements 0.34529
published_at 2026-04-12T12:55:00Z
8
value 0.00143
scoring_system epss
scoring_elements 0.34505
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-21971
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.oracle.com/security-alerts/cpuapr2023.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:38:46Z/
url https://www.oracle.com/security-alerts/cpuapr2023.html
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2196673
reference_id 2196673
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2196673
5
reference_url https://www.oracle.com/security-alerts/cpujul2023.html
reference_id cpujul2023.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:38:46Z/
url https://www.oracle.com/security-alerts/cpujul2023.html
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-21971
reference_id CVE-2023-21971
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-21971
7
reference_url https://security.netapp.com/advisory/ntap-20230427-0007/
reference_id ntap-20230427-0007
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:38:46Z/
url https://security.netapp.com/advisory/ntap-20230427-0007/
8
reference_url https://security.netapp.com/advisory/ntap-20230427-0010/
reference_id ntap-20230427-0010
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:38:46Z/
url https://security.netapp.com/advisory/ntap-20230427-0010/
fixed_packages
0
url pkg:pypi/mysql-connector-python@8.0.33
purl pkg:pypi/mysql-connector-python@8.0.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hcw3-ymdx-pfas
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mysql-connector-python@8.0.33
aliases CVE-2023-21971
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a738-ctkd-f3b4
1
url VCID-hcw3-ymdx-pfas
vulnerability_id VCID-hcw3-ymdx-pfas
summary 
MySQL Connector/Python connector takeover vulnerability
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python).  Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21272
reference_id
reference_type
scores
0
value 0.00915
scoring_system epss
scoring_elements 0.75857
published_at 2026-04-07T12:55:00Z
1
value 0.00915
scoring_system epss
scoring_elements 0.75938
published_at 2026-04-16T12:55:00Z
2
value 0.00915
scoring_system epss
scoring_elements 0.759
published_at 2026-04-13T12:55:00Z
3
value 0.00915
scoring_system epss
scoring_elements 0.75906
published_at 2026-04-12T12:55:00Z
4
value 0.00915
scoring_system epss
scoring_elements 0.75925
published_at 2026-04-11T12:55:00Z
5
value 0.00915
scoring_system epss
scoring_elements 0.75902
published_at 2026-04-09T12:55:00Z
6
value 0.00915
scoring_system epss
scoring_elements 0.75889
published_at 2026-04-08T12:55:00Z
7
value 0.00915
scoring_system epss
scoring_elements 0.75845
published_at 2026-04-02T12:55:00Z
8
value 0.00915
scoring_system epss
scoring_elements 0.75877
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21272
1
reference_url https://github.com/mysql/mysql-connector-python
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python
2
reference_url https://github.com/mysql/mysql-connector-python/commit/e6b927af06e8a85bd3754f602df96a5592b4558c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python/commit/e6b927af06e8a85bd3754f602df96a5592b4558c
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21272
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21272
4
reference_url https://www.oracle.com/security-alerts/cpuoct2024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T20:31:30Z/
url https://www.oracle.com/security-alerts/cpuoct2024.html
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085297
reference_id 1085297
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085297
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
7
reference_url https://github.com/advisories/GHSA-hgjp-83m4-h4fj
reference_id GHSA-hgjp-83m4-h4fj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgjp-83m4-h4fj
fixed_packages
0
url pkg:pypi/mysql-connector-python@9.1.0
purl pkg:pypi/mysql-connector-python@9.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/mysql-connector-python@9.1.0
aliases CVE-2024-21272, GHSA-hgjp-83m4-h4fj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcw3-ymdx-pfas
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/mysql-connector-python@8.0.32