Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
Typedeb
Namespacedebian
Namemysql-connector-python
Version9.5.0-1
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-22pw-wmqg-gke3
vulnerability_id VCID-22pw-wmqg-gke3
summary Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-21548
reference_id
reference_type
scores
0
value 0.00135
scoring_system epss
scoring_elements 0.3314
published_at 2026-04-21T12:55:00Z
1
value 0.00135
scoring_system epss
scoring_elements 0.33177
published_at 2026-04-18T12:55:00Z
2
value 0.00135
scoring_system epss
scoring_elements 0.33279
published_at 2026-04-02T12:55:00Z
3
value 0.00135
scoring_system epss
scoring_elements 0.33311
published_at 2026-04-04T12:55:00Z
4
value 0.00135
scoring_system epss
scoring_elements 0.33144
published_at 2026-04-07T12:55:00Z
5
value 0.00135
scoring_system epss
scoring_elements 0.33187
published_at 2026-04-08T12:55:00Z
6
value 0.00135
scoring_system epss
scoring_elements 0.3322
published_at 2026-04-09T12:55:00Z
7
value 0.00135
scoring_system epss
scoring_elements 0.33222
published_at 2026-04-11T12:55:00Z
8
value 0.00135
scoring_system epss
scoring_elements 0.33183
published_at 2026-04-12T12:55:00Z
9
value 0.00135
scoring_system epss
scoring_elements 0.33159
published_at 2026-04-13T12:55:00Z
10
value 0.00135
scoring_system epss
scoring_elements 0.33199
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-21548
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093881
reference_id 1093881
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093881
2
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.1.0_and_prior:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:mysql_connector\/python:9.1.0_and_prior:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.1.0_and_prior:*:*:*:*:*:*:*
3
reference_url https://www.oracle.com/security-alerts/cpujan2025.html
reference_id cpujan2025.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T17:53:03Z/
url https://www.oracle.com/security-alerts/cpujan2025.html
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@9.2.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.2.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.2.0-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2025-21548
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22pw-wmqg-gke3
1
url VCID-7xu8-ktjc-huhp
vulnerability_id VCID-7xu8-ktjc-huhp
summary 
Improper Access Control
Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00044.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:24Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00044.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00053.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:24Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00053.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2435
reference_id
reference_type
scores
0
value 0.02601
scoring_system epss
scoring_elements 0.85639
published_at 2026-04-21T12:55:00Z
1
value 0.02601
scoring_system epss
scoring_elements 0.85642
published_at 2026-04-18T12:55:00Z
2
value 0.02601
scoring_system epss
scoring_elements 0.85637
published_at 2026-04-16T12:55:00Z
3
value 0.02728
scoring_system epss
scoring_elements 0.8594
published_at 2026-04-09T12:55:00Z
4
value 0.02728
scoring_system epss
scoring_elements 0.85948
published_at 2026-04-13T12:55:00Z
5
value 0.02728
scoring_system epss
scoring_elements 0.8593
published_at 2026-04-08T12:55:00Z
6
value 0.02728
scoring_system epss
scoring_elements 0.85953
published_at 2026-04-12T12:55:00Z
7
value 0.02728
scoring_system epss
scoring_elements 0.85955
published_at 2026-04-11T12:55:00Z
8
value 0.02728
scoring_system epss
scoring_elements 0.85912
published_at 2026-04-07T12:55:00Z
9
value 0.02728
scoring_system epss
scoring_elements 0.8591
published_at 2026-04-04T12:55:00Z
10
value 0.02728
scoring_system epss
scoring_elements 0.85893
published_at 2026-04-02T12:55:00Z
11
value 0.02728
scoring_system epss
scoring_elements 0.85881
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2435
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2435
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2435
4
reference_url https://cwe.mitre.org/data/definitions/284.html
reference_id
reference_type
scores
url https://cwe.mitre.org/data/definitions/284.html
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/mysql/mysql-connector-python
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python
7
reference_url https://security.netapp.com/advisory/ntap-20190118-0002
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190118-0002
8
reference_url https://security.netapp.com/advisory/ntap-20190118-0002/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:24Z/
url https://security.netapp.com/advisory/ntap-20190118-0002/
9
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:24Z/
url http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
10
reference_url http://www.securityfocus.com/bid/106616
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:24Z/
url http://www.securityfocus.com/bid/106616
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919820
reference_id 919820
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919820
12
reference_url https://security.archlinux.org/ASA-201902-21
reference_id ASA-201902-21
reference_type
scores
url https://security.archlinux.org/ASA-201902-21
13
reference_url https://security.archlinux.org/AVG-898
reference_id AVG-898
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-898
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
reference_id cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
reference_id cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-2435
reference_id CVE-2019-2435
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-2435
20
reference_url https://github.com/advisories/GHSA-v5rq-w2xm-7g5f
reference_id GHSA-v5rq-w2xm-7g5f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v5rq-w2xm-7g5f
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@8.0.14-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@8.0.14-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@8.0.14-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2019-2435, GHSA-v5rq-w2xm-7g5f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xu8-ktjc-huhp
2
url VCID-8jek-ygjg-nyha
vulnerability_id VCID-8jek-ygjg-nyha
summary Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21170
reference_id
reference_type
scores
0
value 0.0013
scoring_system epss
scoring_elements 0.32445
published_at 2026-04-21T12:55:00Z
1
value 0.0013
scoring_system epss
scoring_elements 0.325
published_at 2026-04-16T12:55:00Z
2
value 0.0013
scoring_system epss
scoring_elements 0.32479
published_at 2026-04-18T12:55:00Z
3
value 0.0013
scoring_system epss
scoring_elements 0.3259
published_at 2026-04-02T12:55:00Z
4
value 0.0013
scoring_system epss
scoring_elements 0.32626
published_at 2026-04-04T12:55:00Z
5
value 0.0013
scoring_system epss
scoring_elements 0.32449
published_at 2026-04-07T12:55:00Z
6
value 0.0013
scoring_system epss
scoring_elements 0.32497
published_at 2026-04-08T12:55:00Z
7
value 0.0013
scoring_system epss
scoring_elements 0.32525
published_at 2026-04-09T12:55:00Z
8
value 0.0013
scoring_system epss
scoring_elements 0.32529
published_at 2026-04-11T12:55:00Z
9
value 0.0013
scoring_system epss
scoring_elements 0.32491
published_at 2026-04-12T12:55:00Z
10
value 0.0013
scoring_system epss
scoring_elements 0.32465
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21170
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077767
reference_id 1077767
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077767
2
reference_url https://www.oracle.com/security-alerts/cpujul2024.html
reference_id cpujul2024.html
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:39:15Z/
url https://www.oracle.com/security-alerts/cpujul2024.html
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@9.0.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.0.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.0.0-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2024-21170
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jek-ygjg-nyha
3
url VCID-fyqu-rhnh-ckgk
vulnerability_id VCID-fyqu-rhnh-ckgk
summary Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5598
reference_id
reference_type
scores
0
value 0.00304
scoring_system epss
scoring_elements 0.5371
published_at 2026-04-21T12:55:00Z
1
value 0.00304
scoring_system epss
scoring_elements 0.53687
published_at 2026-04-13T12:55:00Z
2
value 0.00304
scoring_system epss
scoring_elements 0.53725
published_at 2026-04-16T12:55:00Z
3
value 0.00304
scoring_system epss
scoring_elements 0.53729
published_at 2026-04-18T12:55:00Z
4
value 0.00304
scoring_system epss
scoring_elements 0.53602
published_at 2026-04-01T12:55:00Z
5
value 0.00304
scoring_system epss
scoring_elements 0.53627
published_at 2026-04-02T12:55:00Z
6
value 0.00304
scoring_system epss
scoring_elements 0.53655
published_at 2026-04-04T12:55:00Z
7
value 0.00304
scoring_system epss
scoring_elements 0.53622
published_at 2026-04-07T12:55:00Z
8
value 0.00304
scoring_system epss
scoring_elements 0.53674
published_at 2026-04-08T12:55:00Z
9
value 0.00304
scoring_system epss
scoring_elements 0.53672
published_at 2026-04-09T12:55:00Z
10
value 0.00304
scoring_system epss
scoring_elements 0.53721
published_at 2026-04-11T12:55:00Z
11
value 0.00304
scoring_system epss
scoring_elements 0.53704
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5598
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url http://www.securitytracker.com/id/1037050
reference_id 1037050
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T17:49:04Z/
url http://www.securitytracker.com/id/1037050
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841677
reference_id 841677
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841677
4
reference_url http://www.securityfocus.com/bid/93653
reference_id 93653
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T17:49:04Z/
url http://www.securityfocus.com/bid/93653
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@2.1.5-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@2.1.5-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@2.1.5-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2016-5598
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyqu-rhnh-ckgk
4
url VCID-hcw3-ymdx-pfas
vulnerability_id VCID-hcw3-ymdx-pfas
summary 
MySQL Connector/Python connector takeover vulnerability
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python).  Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21272
reference_id
reference_type
scores
0
value 0.00915
scoring_system epss
scoring_elements 0.75845
published_at 2026-04-02T12:55:00Z
1
value 0.00915
scoring_system epss
scoring_elements 0.75927
published_at 2026-04-21T12:55:00Z
2
value 0.00915
scoring_system epss
scoring_elements 0.7594
published_at 2026-04-18T12:55:00Z
3
value 0.00915
scoring_system epss
scoring_elements 0.75938
published_at 2026-04-16T12:55:00Z
4
value 0.00915
scoring_system epss
scoring_elements 0.759
published_at 2026-04-13T12:55:00Z
5
value 0.00915
scoring_system epss
scoring_elements 0.75906
published_at 2026-04-12T12:55:00Z
6
value 0.00915
scoring_system epss
scoring_elements 0.75925
published_at 2026-04-11T12:55:00Z
7
value 0.00915
scoring_system epss
scoring_elements 0.75902
published_at 2026-04-09T12:55:00Z
8
value 0.00915
scoring_system epss
scoring_elements 0.75889
published_at 2026-04-08T12:55:00Z
9
value 0.00915
scoring_system epss
scoring_elements 0.75857
published_at 2026-04-07T12:55:00Z
10
value 0.00915
scoring_system epss
scoring_elements 0.75877
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21272
1
reference_url https://github.com/mysql/mysql-connector-python
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python
2
reference_url https://github.com/mysql/mysql-connector-python/commit/e6b927af06e8a85bd3754f602df96a5592b4558c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python/commit/e6b927af06e8a85bd3754f602df96a5592b4558c
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21272
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21272
4
reference_url https://www.oracle.com/security-alerts/cpuoct2024.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T20:31:30Z/
url https://www.oracle.com/security-alerts/cpuoct2024.html
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085297
reference_id 1085297
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085297
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connector\/python:9.0.0_and_prior:*:*:*:*:*:*:*
7
reference_url https://github.com/advisories/GHSA-hgjp-83m4-h4fj
reference_id GHSA-hgjp-83m4-h4fj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgjp-83m4-h4fj
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@9.1.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.1.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.1.0-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2024-21272, GHSA-hgjp-83m4-h4fj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcw3-ymdx-pfas
5
url VCID-ntdx-3evm-vkcw
vulnerability_id VCID-ntdx-3evm-vkcw
summary 
Privilege Escalation
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3590
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20773
published_at 2026-04-21T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20824
published_at 2026-04-01T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20974
published_at 2026-04-02T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.21032
published_at 2026-04-04T12:55:00Z
4
value 0.00067
scoring_system epss
scoring_elements 0.20746
published_at 2026-04-07T12:55:00Z
5
value 0.00067
scoring_system epss
scoring_elements 0.20825
published_at 2026-04-08T12:55:00Z
6
value 0.00067
scoring_system epss
scoring_elements 0.20886
published_at 2026-04-09T12:55:00Z
7
value 0.00067
scoring_system epss
scoring_elements 0.20901
published_at 2026-04-11T12:55:00Z
8
value 0.00067
scoring_system epss
scoring_elements 0.20858
published_at 2026-04-12T12:55:00Z
9
value 0.00067
scoring_system epss
scoring_elements 0.20806
published_at 2026-04-13T12:55:00Z
10
value 0.00067
scoring_system epss
scoring_elements 0.20796
published_at 2026-04-16T12:55:00Z
11
value 0.00067
scoring_system epss
scoring_elements 0.20788
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3590
1
reference_url https://github.com/mysql/mysql-connector-python
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/mysql/mysql-connector-python
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:30Z/
url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
3
reference_url http://www.securityfocus.com/bid/97840
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:30Z/
url http://www.securityfocus.com/bid/97840
4
reference_url http://www.securitytracker.com/id/1038287
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:30Z/
url http://www.securitytracker.com/id/1038287
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861511
reference_id 861511
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861511
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:connector\/python:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:connector\/python:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:connector\/python:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3590
reference_id CVE-2017-3590
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3590
8
reference_url https://github.com/advisories/GHSA-2cf3-g243-hhfx
reference_id GHSA-2cf3-g243-hhfx
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2cf3-g243-hhfx
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@2.1.6-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@2.1.6-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@2.1.6-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2017-3590, GHSA-2cf3-g243-hhfx
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntdx-3evm-vkcw
6
url VCID-pnb6-fu96-qbc3
vulnerability_id VCID-pnb6-fu96-qbc3
summary Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21090
reference_id
reference_type
scores
0
value 0.00269
scoring_system epss
scoring_elements 0.50432
published_at 2026-04-21T12:55:00Z
1
value 0.00269
scoring_system epss
scoring_elements 0.50451
published_at 2026-04-16T12:55:00Z
2
value 0.00269
scoring_system epss
scoring_elements 0.50455
published_at 2026-04-18T12:55:00Z
3
value 0.00269
scoring_system epss
scoring_elements 0.50378
published_at 2026-04-02T12:55:00Z
4
value 0.00269
scoring_system epss
scoring_elements 0.50406
published_at 2026-04-04T12:55:00Z
5
value 0.00269
scoring_system epss
scoring_elements 0.50356
published_at 2026-04-07T12:55:00Z
6
value 0.00269
scoring_system epss
scoring_elements 0.5041
published_at 2026-04-08T12:55:00Z
7
value 0.00269
scoring_system epss
scoring_elements 0.50403
published_at 2026-04-09T12:55:00Z
8
value 0.00269
scoring_system epss
scoring_elements 0.50444
published_at 2026-04-11T12:55:00Z
9
value 0.00269
scoring_system epss
scoring_elements 0.50421
published_at 2026-04-12T12:55:00Z
10
value 0.00269
scoring_system epss
scoring_elements 0.50407
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21090
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077767
reference_id 1077767
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077767
2
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_connectors:8.3.0_and_prior:*:*:*:*:*:*:*
3
reference_url https://www.oracle.com/security-alerts/cpuapr2024.html
reference_id cpuapr2024.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-01T21:15:25Z/
url https://www.oracle.com/security-alerts/cpuapr2024.html
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@9.0.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.0.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.0.0-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2024-21090
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnb6-fu96-qbc3
7
url VCID-wsv2-95bs-kkdw
vulnerability_id VCID-wsv2-95bs-kkdw
summary Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-30714
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45087
published_at 2026-04-21T12:55:00Z
1
value 0.00224
scoring_system epss
scoring_elements 0.45136
published_at 2026-04-18T12:55:00Z
2
value 0.00224
scoring_system epss
scoring_elements 0.45085
published_at 2026-04-02T12:55:00Z
3
value 0.00224
scoring_system epss
scoring_elements 0.45107
published_at 2026-04-04T12:55:00Z
4
value 0.00224
scoring_system epss
scoring_elements 0.4505
published_at 2026-04-07T12:55:00Z
5
value 0.00224
scoring_system epss
scoring_elements 0.45102
published_at 2026-04-09T12:55:00Z
6
value 0.00224
scoring_system epss
scoring_elements 0.45125
published_at 2026-04-11T12:55:00Z
7
value 0.00224
scoring_system epss
scoring_elements 0.45092
published_at 2026-04-12T12:55:00Z
8
value 0.00224
scoring_system epss
scoring_elements 0.45094
published_at 2026-04-13T12:55:00Z
9
value 0.00224
scoring_system epss
scoring_elements 0.45143
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-30714
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103396
reference_id 1103396
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103396
2
reference_url https://www.oracle.com/security-alerts/cpuapr2025.html
reference_id cpuapr2025.html
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:08:18Z/
url https://www.oracle.com/security-alerts/cpuapr2025.html
fixed_packages
0
url pkg:deb/debian/mysql-connector-python@9.3.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.3.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.3.0-1%3Fdistro=sid
1
url pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
purl pkg:deb/debian/mysql-connector-python@9.5.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid
aliases CVE-2025-30714
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wsv2-95bs-kkdw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mysql-connector-python@9.5.0-1%3Fdistro=sid